From 1f971707ada066650d81e09b41c325cd6ab6f134 Mon Sep 17 00:00:00 2001
From: Phillip Schichtel <phillip@schich.tel>
Date: Mon, 31 Jul 2023 03:10:43 +0200
Subject: [PATCH 1/5] Copy tls.crt to ca.crt always unless ca.crt exists

Previously the init container only copied tls.crt to ca.crt after
generating a new certificate. When using cert-manager with an ACME
issuer to generate a certificate, the resulting secret will also not
have a ca.crt. When doing the copy like this, both cases would be
covered without impacting other cases.
---
 templates/statefulset.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/templates/statefulset.yaml b/templates/statefulset.yaml
index 42ae4cd..d4fd1dc 100644
--- a/templates/statefulset.yaml
+++ b/templates/statefulset.yaml
@@ -53,10 +53,10 @@ spec:
             - |
               {{- if not .Values.customTLS.enabled}}
               openssl req -x509 -newkey rsa:4096 -nodes -subj '/CN={{ .Values.global.ldapDomain }}' -keyout /tmp-certs/tls.key -out /tmp-certs/tls.crt -days 365
-              cp /tmp-certs/tls.crt /tmp-certs/ca.crt
               chmod 777  /tmp-certs/*
               {{- end }}
               cp -Lr /tmp-certs/* /certs
+              [ -e /certs/ca.crt ] || cp -a /certs/{tls,ca}.crt
           volumeMounts:
             - name: certs
               mountPath: "/certs"

From 7fd20579b1ad7f1e6c0ab9d7d057346452e4d024 Mon Sep 17 00:00:00 2001
From: Phillip Schichtel <pschichtel@users.noreply.github.com>
Date: Tue, 29 Aug 2023 16:36:55 +0200
Subject: [PATCH 2/5] Don't assume bassh

Co-authored-by: Ween Jiann <16207788+lwj5@users.noreply.github.com>
---
 templates/statefulset.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/templates/statefulset.yaml b/templates/statefulset.yaml
index d4fd1dc..923a9e4 100644
--- a/templates/statefulset.yaml
+++ b/templates/statefulset.yaml
@@ -56,7 +56,7 @@ spec:
               chmod 777  /tmp-certs/*
               {{- end }}
               cp -Lr /tmp-certs/* /certs
-              [ -e /certs/ca.crt ] || cp -a /certs/{tls,ca}.crt
+              [ -e /certs/ca.crt ] || cp -a /certs/tls.crt /certs/ca.crt
           volumeMounts:
             - name: certs
               mountPath: "/certs"

From aec75bee5b1801f1c9877a942f5e344f103d3ce2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E4=BD=95=E5=BB=B6=E9=BE=99?= <hey.yanlong@gmail.com>
Date: Wed, 20 Sep 2023 10:45:41 +0800
Subject: [PATCH 3/5] Update ci.yml

---
 .github/workflows/ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index d3d6ea2..8384129 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -22,7 +22,7 @@ jobs:
         run: |
           curl -Lo /tmp/kind https://kind.sigs.k8s.io/dl/v0.11.1/kind-linux-amd64
           chmod +x /tmp/kind
-          /tmp/kind create cluster --config=$GITHUB_WORKSPACE/.bin/kind-conf.yml --image=kindest/node:v1.23.0@sha256:49824ab1727c04e56a21a5d8372a402fcd32ea51ac96a2706a12af38934f81ac
+          /tmp/kind create cluster --config=$GITHUB_WORKSPACE/.bin/kind-conf.yml --image=kindest/node:v1.28.0@sha256:9f3ff58f19dcf1a0611d11e8ac989fdb30a28f40f236f59f0bea31fb956ccf5c
           kubectl apply -f https://projectcontour.io/quickstart/contour.yaml
           kubectl patch daemonsets -n projectcontour envoy -p '{"spec":{"template":{"spec":{"nodeSelector":{"ingress-ready":"true"}}}}}'
       - name: setup chaos mesh

From 82b261414704077b92b1bdfd61327058e52e8778 Mon Sep 17 00:00:00 2001
From: heyanlong <hey.yanlong@gmail.com>
Date: Wed, 20 Sep 2023 15:32:54 +0800
Subject: [PATCH 4/5] update version

---
 .github/workflows/ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 8384129..e1e636a 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -20,7 +20,7 @@ jobs:
       - name: setup cluster
         shell: bash
         run: |
-          curl -Lo /tmp/kind https://kind.sigs.k8s.io/dl/v0.11.1/kind-linux-amd64
+          curl -Lo /tmp/kind https://kind.sigs.k8s.io/dl/v0.20.0/kind-linux-amd64
           chmod +x /tmp/kind
           /tmp/kind create cluster --config=$GITHUB_WORKSPACE/.bin/kind-conf.yml --image=kindest/node:v1.28.0@sha256:9f3ff58f19dcf1a0611d11e8ac989fdb30a28f40f236f59f0bea31fb956ccf5c
           kubectl apply -f https://projectcontour.io/quickstart/contour.yaml

From ac2f68858ffe5e330db9309eacf998d7fd0322a4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E4=BD=95=E5=BB=B6=E9=BE=99?= <hey.yanlong@gmail.com>
Date: Thu, 21 Sep 2023 10:06:39 +0800
Subject: [PATCH 5/5] Update ci.yml

---
 .github/workflows/ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index e1e636a..08a490a 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -28,7 +28,7 @@ jobs:
       - name: setup chaos mesh
         shell: bash
         run: |
-          curl -sSL https://mirrors.chaos-mesh.org/v2.1.3/install.sh  | bash -s -- --local kind
+          curl -sSL https://mirrors.chaos-mesh.org/v2.6.2/install.sh  | bash -s -- --local kind
       - name: setup certs
         shell: bash
         run: |