diff --git a/applications/mlflow/charts/mlflow/README.md b/applications/mlflow/charts/mlflow/README.md index 721fadbf..235a932c 100644 --- a/applications/mlflow/charts/mlflow/README.md +++ b/applications/mlflow/charts/mlflow/README.md @@ -835,7 +835,7 @@ When making changes to the MLflow Helm chart, corresponding updates may be neede | mlflow.image.repository | string | `"mlflow/mlflow"` | Image repository | | mlflow.image.tag | string | `"v3.3.2"` | Image tag | | mlflow.imagePullSecets | list | `[]` | Image pull secrets | -| mlflow.ingress | object | `{"annotations":{},"className":"nginx","enabled":false,"extraHosts":[],"extraPaths":[],"extraRules":[],"extraTls":[],"hostname":"chart-example.local","path":"/","pathType":"ImplementationSpecific","tls":{"cert":"-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----\n","enabled":false,"genSelfSignedCert":false,"key":"-----BEGIN PRIVATE KEY-----\n-----END PRIVATE KEY-----\n"}}` | Mlflow Ingress configuration [[ref]](https://kubernetes.io/docs/concepts/services-networking/ingress/) | +| mlflow.ingress | object | `{"annotations":{},"className":"nginx","enabled":false,"extraHosts":[],"extraPaths":[],"extraRules":[],"extraTls":[],"hostname":"chart-example.local","path":"/","pathType":"ImplementationSpecific","tls":{"cert":"REPLACE_WITH_YOUR_PEM_ENCODED_TLS_CERTIFICATE","enabled":false,"genSelfSignedCert":false,"key":"REPLACE_WITH_YOUR_PEM_ENCODED_TLS_PRIVATE_KEY"}}` | Mlflow Ingress configuration [[ref]](https://kubernetes.io/docs/concepts/services-networking/ingress/) | | mlflow.ingress.annotations | object | `{}` | Annotations to add to the ingress | | mlflow.ingress.className | string | `"nginx"` | Ingress class name | | mlflow.ingress.enabled | bool | `false` | Specifies whether a ingress should be created | @@ -846,7 +846,7 @@ When making changes to the MLflow Helm chart, corresponding updates may be neede | mlflow.ingress.hostname | string | `"chart-example.local"` | Ingress hostname | | mlflow.ingress.path | string | `"/"` | Ingress path | | mlflow.ingress.pathType | string | `"ImplementationSpecific"` | Ingress path type | -| mlflow.ingress.tls | object | `{"cert":"-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----\n","enabled":false,"genSelfSignedCert":false,"key":"-----BEGIN PRIVATE KEY-----\n-----END PRIVATE KEY-----\n"}` | Ingress TLS configuration | +| mlflow.ingress.tls | object | `{"cert":"REPLACE_WITH_YOUR_PEM_ENCODED_TLS_CERTIFICATE","enabled":false,"genSelfSignedCert":false,"key":"REPLACE_WITH_YOUR_PEM_ENCODED_TLS_PRIVATE_KEY"}` | Ingress TLS configuration | | mlflow.ingress.tls.enabled | bool | `false` | Specifies whether to enable TLS | | mlflow.ingress.tls.genSelfSignedCert | bool | `false` | Specifies whether to generate self-signed certificate | | mlflow.labels | object | `{}` | Labels to add to the mlflow deployment | diff --git a/applications/mlflow/charts/mlflow/values.yaml b/applications/mlflow/charts/mlflow/values.yaml index 4bb56250..b6e01b47 100644 --- a/applications/mlflow/charts/mlflow/values.yaml +++ b/applications/mlflow/charts/mlflow/values.yaml @@ -220,12 +220,12 @@ mlflow: enabled: false # -- Specifies whether to generate self-signed certificate genSelfSignedCert: false - cert: | - -----BEGIN CERTIFICATE----- - -----END CERTIFICATE----- - key: | - -----BEGIN PRIVATE KEY----- - -----END PRIVATE KEY----- + # -- PEM-encoded TLS certificate. Replace the placeholder with your real + # certificate (or set genSelfSignedCert: true to generate one). + cert: "REPLACE_WITH_YOUR_PEM_ENCODED_TLS_CERTIFICATE" + # -- PEM-encoded TLS private key. Replace the placeholder with your real key + # (or set genSelfSignedCert: true to generate one). + key: "REPLACE_WITH_YOUR_PEM_ENCODED_TLS_PRIVATE_KEY" # -- Extra hosts to configure for the ingress object extraHosts: [] # -- Extra paths to configure for the ingress object diff --git a/patterns/self-signed-vs-user-provided-tls/README.md b/patterns/self-signed-vs-user-provided-tls/README.md index de3fbc82..a79f8e27 100644 --- a/patterns/self-signed-vs-user-provided-tls/README.md +++ b/patterns/self-signed-vs-user-provided-tls/README.md @@ -14,12 +14,10 @@ ingress: tls: enabled: true genSelfSignedCert: true - cert: | - -----BEGIN CERTIFICATE----- - -----END CERTIFICATE----- - key: | - -----BEGIN PRIVATE KEY----- - -----END PRIVATE KEY----- + # Replace the placeholders with your real PEM-encoded cert/key, or set + # genSelfSignedCert: true to have them generated and omit these. + cert: "REPLACE_WITH_YOUR_PEM_ENCODED_TLS_CERTIFICATE" + key: "REPLACE_WITH_YOUR_PEM_ENCODED_TLS_PRIVATE_KEY" ``` 2. Add a tls secret to your chart and implement the templating to conditionally choose between user-provided and self-signed