From 61622307901368a1aadc4fee95444e44d638225b Mon Sep 17 00:00:00 2001
From: muicoder <muicoder@gmail.com>
Date: Wed, 5 Jul 2023 12:06:57 +0800
Subject: [PATCH] Use env to load the TLS certificate

Signed-off-by: muicoder <muicoder@gmail.com>
---
 k8sutils/redis.go       |  5 +++--
 k8sutils/statefulset.go | 23 +++--------------------
 2 files changed, 6 insertions(+), 22 deletions(-)

diff --git a/k8sutils/redis.go b/k8sutils/redis.go
index 98bca5dd0..a05a6a299 100644
--- a/k8sutils/redis.go
+++ b/k8sutils/redis.go
@@ -120,8 +120,9 @@ func getRedisTLSArgs(tlsConfig *redisv1beta1.TLSConfig, clientHost string) []str
 	cmd := []string{}
 	if tlsConfig != nil {
 		cmd = append(cmd, "--tls")
-		cmd = append(cmd, "--cacert")
-		cmd = append(cmd, "/tls/ca.crt")
+		cmd = append(cmd, "--cacert", "$(REDIS_TLS_CA_KEY)")
+		cmd = append(cmd, "--cert", "$(REDIS_TLS_CERT)")
+		cmd = append(cmd, "--key", "$(REDIS_TLS_CERT_KEY)")
 		cmd = append(cmd, "-h")
 		cmd = append(cmd, clientHost)
 	}
diff --git a/k8sutils/statefulset.go b/k8sutils/statefulset.go
index 215346522..02604e3f9 100644
--- a/k8sutils/statefulset.go
+++ b/k8sutils/statefulset.go
@@ -574,29 +574,12 @@ func getProbeInfo(params containerParameters, probeType string) *corev1.Probe {
 	}
 
 	if params.TLSConfig != nil {
-		root := "/tls/"
-
-		// get and set Defaults
-		caCert := "ca.crt"
-		tlsCert := "tls.crt"
-		tlsCertKey := "tls.key"
-
-		if params.TLSConfig.CaKeyFile != "" {
-			caCert = params.TLSConfig.CaKeyFile
-		}
-		if params.TLSConfig.CertKeyFile != "" {
-			tlsCert = params.TLSConfig.CertKeyFile
-		}
-		if params.TLSConfig.KeyFile != "" {
-			tlsCertKey = params.TLSConfig.KeyFile
-		}
-
 		probeCommand = []string{
 			"redis-cli", "-p", strconv.Itoa(probePort),
 			"--tls",
-			"--cacert", path.Join(root, caCert),
-			"--cert", path.Join(root, tlsCert),
-			"--key", path.Join(root, tlsCertKey),
+			"--cacert", "$(REDIS_TLS_CA_KEY)",
+			"--cert", "$(REDIS_TLS_CERT)",
+			"--key", "$(REDIS_TLS_CERT_KEY)",
 			"ping",
 		}
 	}