From eca5c24858ee598bba9d8f09c8266b4f6c615ac6 Mon Sep 17 00:00:00 2001
From: fserucas <fserucas@redhat.com>
Date: Mon, 9 Sep 2024 16:30:17 +0100
Subject: [PATCH] Add corporate certs mount to zuul-web deployment

Change-Id: I16d08d83dbbef1a744fef1c27d9dc5efdadcbacf
---
 controllers/zuul.go        | 19 ++++++++++++-------
 doc/reference/CHANGELOG.md |  3 +++
 2 files changed, 15 insertions(+), 7 deletions(-)

diff --git a/controllers/zuul.go b/controllers/zuul.go
index 0fa715c..235e67b 100644
--- a/controllers/zuul.go
+++ b/controllers/zuul.go
@@ -690,17 +690,22 @@ func (r *SFController) EnsureZuulWeb(cfg *ini.File) bool {
 	authSections := utils.IniGetSectionNamesByPrefix(cfg, "auth")
 	sections = append(sections, authSections...)
 	sections = append(sections, "web")
+
+	// Check if Corporate Certificate exists
+	corporateCM, corporateCMExists := r.CorporateCAConfigMapExists()
+
 	annotations := map[string]string{
-		"zuul-common-config":    utils.IniSectionsChecksum(cfg, commonIniConfigSections),
-		"zuul-component-config": utils.IniSectionsChecksum(cfg, sections),
-		"zuul-image":            getZuulImage("zuul-web"),
-		"serial":                "6",
-		"zuul-logging":          utils.Checksum([]byte(r.getZuulLoggingString("zuul-web"))),
-		"zuul-connections":      utils.IniSectionsChecksum(cfg, utils.IniGetSectionNamesByPrefix(cfg, "connection")),
+		"zuul-common-config":         utils.IniSectionsChecksum(cfg, commonIniConfigSections),
+		"zuul-component-config":      utils.IniSectionsChecksum(cfg, sections),
+		"zuul-image":                 getZuulImage("zuul-web"),
+		"serial":                     "6",
+		"zuul-logging":               utils.Checksum([]byte(r.getZuulLoggingString("zuul-web"))),
+		"zuul-connections":           utils.IniSectionsChecksum(cfg, utils.IniGetSectionNamesByPrefix(cfg, "connection")),
+		"corporate-ca-certs-version": getCMVersion(corporateCM, corporateCMExists),
 	}
 
 	zw := base.MkDeployment("zuul-web", r.ns, "", r.cr.Spec.ExtraLabels)
-	zuulContainer := r.mkZuulContainer("zuul-web", false)
+	zuulContainer := r.mkZuulContainer("zuul-web", corporateCMExists)
 	annotations["limits"] = base.UpdateContainerLimit(r.cr.Spec.Zuul.Web.Limits, &zuulContainer)
 	zw.Spec.Template.Spec.Containers = []apiv1.Container{zuulContainer}
 	zw.Spec.Template.Spec.Volumes = mkZuulVolumes("zuul-web", r, false)
diff --git a/doc/reference/CHANGELOG.md b/doc/reference/CHANGELOG.md
index 2eb7acd..a153070 100644
--- a/doc/reference/CHANGELOG.md
+++ b/doc/reference/CHANGELOG.md
@@ -5,6 +5,9 @@ All notable changes to this project will be documented in this file.
 ## [in development]
 
 ### Added
+
+- zuul: add corporate certs to zuul-web
+
 ### Removed
 ### Changed
 ### Fixed