Use env to load the TLS certificate

Signed-off-by: muicoder <[email protected]>

k8sutils/redis.go

@@ -120,8 +120,9 @@ func getRedisTLSArgs(tlsConfig *redisv1beta1.TLSConfig, clientHost string) []str
 	cmd := []string{}
 	if tlsConfig != nil {
 		cmd = append(cmd, "--tls")
-		cmd = append(cmd, "--cacert")
-		cmd = append(cmd, "/tls/ca.crt")
+		cmd = append(cmd, "--cacert", "$(REDIS_TLS_CA_KEY)")
+		cmd = append(cmd, "--cert", "$(REDIS_TLS_CERT)")
+		cmd = append(cmd, "--key", "$(REDIS_TLS_CERT_KEY)")
 		cmd = append(cmd, "-h")
 		cmd = append(cmd, clientHost)
 	}

k8sutils/statefulset.go

@@ -574,29 +574,12 @@ func getProbeInfo(params containerParameters, probeType string) *corev1.Probe {
 	}
 
 	if params.TLSConfig != nil {
-		root := "/tls/"
-
-		// get and set Defaults
-		caCert := "ca.crt"
-		tlsCert := "tls.crt"
-		tlsCertKey := "tls.key"
-
-		if params.TLSConfig.CaKeyFile != "" {
-			caCert = params.TLSConfig.CaKeyFile
-		}
-		if params.TLSConfig.CertKeyFile != "" {
-			tlsCert = params.TLSConfig.CertKeyFile
-		}
-		if params.TLSConfig.KeyFile != "" {
-			tlsCertKey = params.TLSConfig.KeyFile
-		}
-
 		probeCommand = []string{
 			"redis-cli", "-p", strconv.Itoa(probePort),
 			"--tls",
-			"--cacert", path.Join(root, caCert),
-			"--cert", path.Join(root, tlsCert),
-			"--key", path.Join(root, tlsCertKey),
+			"--cacert", "$(REDIS_TLS_CA_KEY)",
+			"--cert", "$(REDIS_TLS_CERT)",
+			"--key", "$(REDIS_TLS_CERT_KEY)",
 			"ping",
 		}
 	}