Create vencrypt certificate
diff --git a/charts/nova/Chart.yaml b/charts/nova/Chart.yaml
index f134982..5d90fc4 100644
--- a/charts/nova/Chart.yaml
+++ b/charts/nova/Chart.yaml
@@ -9,4 +9,4 @@
sources:
- https://opendev.org/openstack/nova
- https://opendev.org/openstack/openstack-helm
-version: 0.3.20
+version: 0.3.22
diff --git a/charts/nova/requirements.lock b/charts/nova/requirements.lock
index d624d95..fdddf60 100644
--- a/charts/nova/requirements.lock
+++ b/charts/nova/requirements.lock
@@ -3,4 +3,4 @@
repository: file://../../openstack-helm-infra/helm-toolkit
version: 0.2.54
digest: sha256:337a0f1ffb3eae591150b305c22293d85fb8c18abec78f56672de4f3ada2faae
-generated: "2023-08-30T19:05:56.252154184Z"
+generated: "2023-09-01T14:09:31.376571352Z"
diff --git a/charts/nova/templates/bin/_nova-console-proxy-init.sh.tpl b/charts/nova/templates/bin/_nova-console-proxy-init.sh.tpl
index f3eb9f3..f3522c9 100644
--- a/charts/nova/templates/bin/_nova-console-proxy-init.sh.tpl
+++ b/charts/nova/templates/bin/_nova-console-proxy-init.sh.tpl
@@ -19,7 +19,7 @@
console_kind="{{- .Values.console.console_kind -}}"
if [ "${console_kind}" == "novnc" ] ; then
- client_address="{{- .Values.conf.nova.vnc.vncserver_proxyclient_address -}}"
+ client_address="{{- .Values.conf.nova.vnc.server_proxyclient_address -}}"
client_interface="{{- .Values.console.novnc.vncproxy.vncserver_proxyclient_interface -}}"
listen_ip="{{- .Values.conf.nova.vnc.server_listen -}}"
elif [ "${console_kind}" == "spice" ] ; then
@@ -49,7 +49,7 @@
if [ "${console_kind}" == "novnc" ] ; then
cat <<EOF>/tmp/pod-shared/nova-vnc.ini
[vnc]
-vncserver_proxyclient_address = $client_address
+server_proxyclient_address = $client_address
server_listen = $listen_ip
novncproxy_host = $listen_ip
EOF
diff --git a/charts/nova/templates/certificates.yaml b/charts/nova/templates/certificates.yaml
index 39c98b0..a1385e3 100644
--- a/charts/nova/templates/certificates.yaml
+++ b/charts/nova/templates/certificates.yaml
@@ -12,14 +12,14 @@
limitations under the License.
*/}}
+{{- if (contains "vencrypt" .Values.conf.nova.vnc.auth_schemes) -}}
+{{ dict "envAll" . "service" "compute_novnc_vencrypt" "type" "internal" | include "helm-toolkit.manifests.certificates" }}
+{{- end }}
{{- if .Values.manifests.certificates -}}
{{ dict "envAll" . "service" "compute" "type" "internal" | include "helm-toolkit.manifests.certificates" }}
{{- if .Values.manifests.deployment_novncproxy }}
{{ dict "envAll" . "service" "compute_novnc_proxy" "type" "internal" | include "helm-toolkit.manifests.certificates" }}
{{- end }}
-{{- if (contains "vencrypt" .Values.conf.nova.vnc.auth_schemes) -}}
-{{ dict "envAll" . "service" "compute_novnc_vencrypt" "type" "internal" | include "helm-toolkit.manifests.certificates" }}
-{{- end }}
{{- if .Values.manifests.deployment_placement }}
{{ dict "envAll" . "service" "placement" "type" "internal" | include "helm-toolkit.manifests.certificates" }}
{{- end }}
diff --git a/roles/nova/meta/main.yml b/roles/nova/meta/main.yml
index 8267091..5e45003 100644
--- a/roles/nova/meta/main.yml
+++ b/roles/nova/meta/main.yml
@@ -29,6 +29,20 @@
- role: openstack_helm_endpoints
vars:
openstack_helm_endpoints_chart: nova
+ openstack_helm_endpoints_config:
+ compute_novnc_vencrypt:
+ hosts:
+ default: nova-novncproxy
+ host_fqdn_override:
+ default:
+ tls:
+ secretName: nova-novncproxy-vencrypt
+ commonName: nova-novncproxy
+ usages:
+ - client auth
+ issuerRef:
+ kind: Issuer
+ name: libvirt-vnc
- role: vexxhost.kubernetes.upload_helm_chart
vars:
upload_helm_chart_src: "{{ nova_helm_chart_path }}"