From 65b0a7cf83e78b2c24ca56377f8aac78d0fd3496 Mon Sep 17 00:00:00 2001
From: Warren Hodgkinson <warren.hodgkinson@gmail.com>
Date: Wed, 26 Feb 2025 14:06:52 -0800
Subject: [PATCH] Removed unused certificate mounts from helm chart (#6581)

---
 k8s/charts/seaweedfs/Chart.yaml                |  2 +-
 .../seaweedfs/templates/filer-statefulset.yaml | 16 ++++------------
 .../templates/master-statefulset.yaml          | 18 ------------------
 .../templates/volume-statefulset.yaml          |  9 ---------
 4 files changed, 5 insertions(+), 40 deletions(-)

diff --git a/k8s/charts/seaweedfs/Chart.yaml b/k8s/charts/seaweedfs/Chart.yaml
index 6f20d7a74..9d893a980 100644
--- a/k8s/charts/seaweedfs/Chart.yaml
+++ b/k8s/charts/seaweedfs/Chart.yaml
@@ -3,4 +3,4 @@ description: SeaweedFS
 name: seaweedfs
 appVersion: "3.85"
 # Dev note: Trigger a helm chart release by `git tag -a helm-<version>`
-version: 4.0.385
+version: 4.0.386
diff --git a/k8s/charts/seaweedfs/templates/filer-statefulset.yaml b/k8s/charts/seaweedfs/templates/filer-statefulset.yaml
index 304d746d8..abbf89416 100644
--- a/k8s/charts/seaweedfs/templates/filer-statefulset.yaml
+++ b/k8s/charts/seaweedfs/templates/filer-statefulset.yaml
@@ -248,19 +248,15 @@ spec:
             - name: ca-cert
               readOnly: true
               mountPath: /usr/local/share/ca-certificates/ca/
-            - name: master-cert
-              readOnly: true
-              mountPath: /usr/local/share/ca-certificates/master/
-            - name: volume-cert
-              readOnly: true
-              mountPath: /usr/local/share/ca-certificates/volume/
             - name: filer-cert
               readOnly: true
               mountPath: /usr/local/share/ca-certificates/filer/
+            {{- if .Values.filer.s3.enabled }}
             - name: client-cert
               readOnly: true
               mountPath: /usr/local/share/ca-certificates/client/
             {{- end }}
+            {{- end }}
             {{ tpl .Values.filer.extraVolumeMounts . | nindent 12 | trim }}
           ports:
             - containerPort: {{ .Values.filer.port }}
@@ -367,19 +363,15 @@ spec:
         - name: ca-cert
           secret:
             secretName: {{ template "seaweedfs.name" . }}-ca-cert
-        - name: master-cert
-          secret:
-            secretName: {{ template "seaweedfs.name" . }}-master-cert
-        - name: volume-cert
-          secret:
-            secretName: {{ template "seaweedfs.name" . }}-volume-cert
         - name: filer-cert
           secret:
             secretName: {{ template "seaweedfs.name" . }}-filer-cert
+        {{- if .Values.filer.s3.enabled }}
         - name: client-cert
           secret:
             secretName: {{ template "seaweedfs.name" . }}-client-cert
         {{- end }}
+        {{- end }}
         {{ tpl .Values.filer.extraVolumes . | indent 8 | trim }}
       {{- if .Values.filer.nodeSelector }}
       nodeSelector:
diff --git a/k8s/charts/seaweedfs/templates/master-statefulset.yaml b/k8s/charts/seaweedfs/templates/master-statefulset.yaml
index c46d37166..719895559 100644
--- a/k8s/charts/seaweedfs/templates/master-statefulset.yaml
+++ b/k8s/charts/seaweedfs/templates/master-statefulset.yaml
@@ -191,15 +191,6 @@ spec:
             - name: master-cert
               readOnly: true
               mountPath: /usr/local/share/ca-certificates/master/
-            - name: volume-cert
-              readOnly: true
-              mountPath: /usr/local/share/ca-certificates/volume/
-            - name: filer-cert
-              readOnly: true
-              mountPath: /usr/local/share/ca-certificates/filer/
-            - name: client-cert
-              readOnly: true
-              mountPath: /usr/local/share/ca-certificates/client/
             {{- end }}
             {{ tpl .Values.master.extraVolumeMounts . | nindent 12 | trim }}
           ports:
@@ -289,15 +280,6 @@ spec:
         - name: master-cert
           secret:
             secretName: {{ template "seaweedfs.name" . }}-master-cert
-        - name: volume-cert
-          secret:
-            secretName: {{ template "seaweedfs.name" . }}-volume-cert
-        - name: filer-cert
-          secret:
-            secretName: {{ template "seaweedfs.name" . }}-filer-cert
-        - name: client-cert
-          secret:
-            secretName: {{ template "seaweedfs.name" . }}-client-cert
         {{- end }}
         {{ tpl .Values.master.extraVolumes . | indent 8 | trim }}
       {{- if .Values.master.nodeSelector }}
diff --git a/k8s/charts/seaweedfs/templates/volume-statefulset.yaml b/k8s/charts/seaweedfs/templates/volume-statefulset.yaml
index e915593a5..8cefe14c7 100644
--- a/k8s/charts/seaweedfs/templates/volume-statefulset.yaml
+++ b/k8s/charts/seaweedfs/templates/volume-statefulset.yaml
@@ -207,18 +207,9 @@ spec:
             - name: ca-cert
               readOnly: true
               mountPath: /usr/local/share/ca-certificates/ca/
-            - name: master-cert
-              readOnly: true
-              mountPath: /usr/local/share/ca-certificates/master/
             - name: volume-cert
               readOnly: true
               mountPath: /usr/local/share/ca-certificates/volume/
-            - name: filer-cert
-              readOnly: true
-              mountPath: /usr/local/share/ca-certificates/filer/
-            - name: client-cert
-              readOnly: true
-              mountPath: /usr/local/share/ca-certificates/client/
             {{- end }}
             {{ tpl .Values.volume.extraVolumeMounts . | nindent 12 | trim }}
           ports: