diff --git a/src/main/helm/templates/certificate.yaml b/src/main/helm/templates/certificate.yaml
index 2e711fd20a731f19e17fac1fa1cbb11257d041e7..350e7cc5469f8e2fc84e787edf7c6e2101cb2755 100644
--- a/src/main/helm/templates/certificate.yaml
+++ b/src/main/helm/templates/certificate.yaml
@@ -33,8 +33,8 @@ spec:
issuerRef:
name: user-manager-issuer
kind: Issuer
- duration: 8760h0m0s
- renewBefore: 720h0m0s
+ duration: 8760h0m0s # 1 Jahr
+ renewBefore: 5840h0m0s # 8 Monate
commonName: {{ .Release.Name }}
dnsNames:
- "*.{{ .Release.Name }}.{{ include "app.namespace" . }}.svc.cluster.local"
diff --git a/src/main/helm/templates/deployment.yaml b/src/main/helm/templates/deployment.yaml
index 70fdfc86a1434988821a3a276710a9f900247ff9..f085952e265c3fed3ca07165d1949e3e06847641 100644
--- a/src/main/helm/templates/deployment.yaml
+++ b/src/main/helm/templates/deployment.yaml
@@ -194,12 +194,7 @@ spec:
volumeMounts:
{{- if not .Values.disableGrpcServerTls }}
- name: user-manager-tls-certificate
- mountPath: "/user-manager-tls-certificate/tls.crt"
- subPath: tls.crt
- readOnly: true
- - name: user-manager-tls-certificate
- mountPath: "/user-manager-tls-certificate/tls.key"
- subPath: tls.key
+ mountPath: "/user-manager-tls-certificate"
readOnly: true
{{- end }}
{{- if not .Values.disableNamespaceTruststore }}
diff --git a/src/main/helm/templates/truststore/init_truststore_rbac.yaml b/src/main/helm/templates/truststore/init_truststore_rbac.yaml
index 1416ce9322666ce49ac7153d4d088918cca5884e..5d0de6ab93608620ac3e4d9eda457475ab528de4 100644
--- a/src/main/helm/templates/truststore/init_truststore_rbac.yaml
+++ b/src/main/helm/templates/truststore/init_truststore_rbac.yaml
@@ -57,7 +57,7 @@ rules:
resources:
- jobs
resourceNames:
- - init-user-manager-truststore-job
+ - create-user-manager-truststore
verbs:
- patch
- get
diff --git a/src/test/helm/certificate_test.yaml b/src/test/helm/certificate_test.yaml
index 0fe136c561849439f67b32d1f51bd92eda6de2bd..594ec04ccdf1e359e77a54e3c39de44b65e1af83 100644
--- a/src/test/helm/certificate_test.yaml
+++ b/src/test/helm/certificate_test.yaml
@@ -65,7 +65,7 @@ tests:
asserts:
- equal:
path: spec.renewBefore
- value: 720h0m0s
+ value: 5840h0m0s
- it: should have commonName
asserts:
- equal:
diff --git a/src/test/helm/deplyoment_cert_bindings_test.yaml b/src/test/helm/deplyoment_cert_bindings_test.yaml
index 075a249b8f40a9f6e7b631a3fd1dd0b8adcc3dc0..521161e89a666653099a07f8c28f897c053e5db0 100644
--- a/src/test/helm/deplyoment_cert_bindings_test.yaml
+++ b/src/test/helm/deplyoment_cert_bindings_test.yaml
@@ -44,15 +44,7 @@ tests:
path: spec.template.spec.containers[0].volumeMounts
content:
name: user-manager-tls-certificate
- mountPath: "/user-manager-tls-certificate/tls.crt"
- subPath: tls.crt
- readOnly: true
- - contains:
- path: spec.template.spec.containers[0].volumeMounts
- content:
- name: user-manager-tls-certificate
- mountPath: "/user-manager-tls-certificate/tls.key"
- subPath: tls.key
+ mountPath: "/user-manager-tls-certificate"
readOnly: true
- it: should have volumes for user-manager root certificate
diff --git a/src/test/helm/truststore/init_truststore_rbac_test.yaml b/src/test/helm/truststore/init_truststore_rbac_test.yaml
index f50cd8c4c2582085bb51c9005c6de3ace8b26f3d..a81aa9eb1ed3f9f0ea76cdcca8034d3b21eeeac7 100644
--- a/src/test/helm/truststore/init_truststore_rbac_test.yaml
+++ b/src/test/helm/truststore/init_truststore_rbac_test.yaml
@@ -109,7 +109,7 @@ tests:
resources:
- jobs
resourceNames:
- - init-user-manager-truststore-job
+ - create-user-manager-truststore
verbs:
- patch
- get