[stable/2023.1] fix: add CA mounts in the Prometheus oauth2 container (#1334) This is an automated cherry-pick of #1329 /assign mnaser

commit: 3dabb2dcac35554ac1ca82e609ab158b52f69cbb [log] [tgz]
author: vexxhost-bot <105816074+vexxhost-bot@users.noreply.github.com> Mon Jun 17 15:43:23 2024 +0200
committer: GitHub <noreply@github.com> Mon Jun 17 13:43:23 2024 +0000
tree: a45d7e1c3f307443ff63ff437b639aa41864c333
parent: 9d49b42347c792de0ca065e7cadd7cfc713dbd6a [diff]
diff --git a/roles/kube_prometheus_stack/vars/main.yml b/roles/kube_prometheus_stack/vars/main.yml
index e638d22..4cf2386 100644
--- a/roles/kube_prometheus_stack/vars/main.yml
+++ b/roles/kube_prometheus_stack/vars/main.yml

@@ -133,6 +133,14 @@
             - containerPort: 8082
               name: oauth2-metrics
               protocol: TCP
+          volumeMounts:
+            - name: ca-certificates
+              mountPath: /etc/ssl/certs/ca-certificates.crt
+              readOnly: true
+      volumes:
+        - name: ca-certificates
+          hostPath:
+            path: "{{ defaults_ca_certificates_path }}"
   grafana:
     adminPassword: "{{ kube_prometheus_stack_grafana_admin_password }}"
     extraSecretMounts:
@@ -342,6 +350,14 @@
             - containerPort: 8082
               name: oauth2-metrics
               protocol: TCP
+          volumeMounts:
+            - name: ca-certificates
+              mountPath: /etc/ssl/certs/ca-certificates.crt
+              readOnly: true
+      volumes:
+        - name: ca-certificates
+          hostPath:
+            path: "{{ defaults_ca_certificates_path }}"
     additionalServiceMonitors:
       - name: ceph
         jobLabel: application
commit	3dabb2dcac35554ac1ca82e609ab158b52f69cbb	[log] [tgz]
author	vexxhost-bot <105816074+vexxhost-bot@users.noreply.github.com>	Mon Jun 17 15:43:23 2024 +0200
committer	GitHub <noreply@github.com>	Mon Jun 17 13:43:23 2024 +0000
tree	a45d7e1c3f307443ff63ff437b639aa41864c333
parent	9d49b42347c792de0ca065e7cadd7cfc713dbd6a [diff]