diff --git a/charts/fulcio/README.md b/charts/fulcio/README.md index 81e1e1c9..7af392e6 100644 --- a/charts/fulcio/README.md +++ b/charts/fulcio/README.md @@ -115,7 +115,7 @@ helm uninstall [RELEASE_NAME] | server.affinity | object | `{}` | | | server.args.aws_hsm_root_ca_path | string | `nil` | | | server.args.certificateAuthority | string | `"fileca"` | | -| server.args.creds | string | `""` | | +| server.args.cloud_credential_config | string | `""` | | | server.args.ct_log_url | string | `""` | | | server.args.disable_ct_log | bool | `false` | | | server.args.gcp_private_ca_parent | string | `"projects/test/locations/us-east1/caPools/test"` | | diff --git a/charts/fulcio/templates/fulcio-configmap.yaml b/charts/fulcio/templates/fulcio-configmap.yaml index afdcc324..a54fe005 100644 --- a/charts/fulcio/templates/fulcio-configmap.yaml +++ b/charts/fulcio/templates/fulcio-configmap.yaml @@ -20,4 +20,6 @@ data: {{- if (eq .Values.server.args.certificateAuthority "kmsca")}} chain.pem: {{.Values.server.args.kms_cert_chain | quote }} {{- end }} - cloud_credentials: {{.Values.server.args.creds | quote }} + {{- if .Values.server.args.cloud_credential_config }} + cloud_credential_config: {{.Values.server.args.cloud_credential_config | quote }} + {{- end }} diff --git a/charts/fulcio/values.yaml b/charts/fulcio/values.yaml index 6cf77e22..5a46357b 100644 --- a/charts/fulcio/values.yaml +++ b/charts/fulcio/values.yaml @@ -28,7 +28,7 @@ server: port: 5555 grpcPort: 5554 # valid values: GCP workload identity config json for trusted external cloud providers - creds: "" + cloud_credential_config: "" # Valid values: googleca, pkcs11ca, aws-hsm-root-ca-path, fileca, kmsca certificateAuthority: fileca # kms_resource: gcpkms://....