[stable/zed] fix: add CA mounts in the Prometheus oauth2 container (#1335) This is an automated cherry-pick of #1329 /assign mnaser

commit: 18adb06c77ddbea79440cfb2170670c213671fac [log] [tgz]
author: vexxhost-bot <105816074+vexxhost-bot@users.noreply.github.com> Wed Jun 12 05:25:12 2024 +0200
committer: GitHub <noreply@github.com> Wed Jun 12 03:25:12 2024 +0000
tree: cd624abe235f5f52d9750e183d183d3ee27831c0
parent: 9f370df6afc9b2377c4cce456d7b618e6705c027 [diff]
diff --git a/roles/kube_prometheus_stack/vars/main.yml b/roles/kube_prometheus_stack/vars/main.yml
index e638d22..4cf2386 100644
--- a/roles/kube_prometheus_stack/vars/main.yml
+++ b/roles/kube_prometheus_stack/vars/main.yml

@@ -133,6 +133,14 @@
             - containerPort: 8082
               name: oauth2-metrics
               protocol: TCP
+          volumeMounts:
+            - name: ca-certificates
+              mountPath: /etc/ssl/certs/ca-certificates.crt
+              readOnly: true
+      volumes:
+        - name: ca-certificates
+          hostPath:
+            path: "{{ defaults_ca_certificates_path }}"
   grafana:
     adminPassword: "{{ kube_prometheus_stack_grafana_admin_password }}"
     extraSecretMounts:
@@ -342,6 +350,14 @@
             - containerPort: 8082
               name: oauth2-metrics
               protocol: TCP
+          volumeMounts:
+            - name: ca-certificates
+              mountPath: /etc/ssl/certs/ca-certificates.crt
+              readOnly: true
+      volumes:
+        - name: ca-certificates
+          hostPath:
+            path: "{{ defaults_ca_certificates_path }}"
     additionalServiceMonitors:
       - name: ceph
         jobLabel: application
commit	18adb06c77ddbea79440cfb2170670c213671fac	[log] [tgz]
author	vexxhost-bot <105816074+vexxhost-bot@users.noreply.github.com>	Wed Jun 12 05:25:12 2024 +0200
committer	GitHub <noreply@github.com>	Wed Jun 12 03:25:12 2024 +0000
tree	cd624abe235f5f52d9750e183d183d3ee27831c0
parent	9f370df6afc9b2377c4cce456d7b618e6705c027 [diff]