From d4639408cbc206127b85550c74f07930557d074b Mon Sep 17 00:00:00 2001
From: jmlrt <8582351+jmlrt@users.noreply.github.com>
Date: Wed, 7 Sep 2022 14:09:10 +0200
Subject: [PATCH] a bit of refactoring

---
 kibana/examples/security/test/goss.yaml | 2 --
 kibana/examples/security/values.yaml    | 2 --
 kibana/templates/deployment.yaml        | 6 ++++++
 kibana/values.yaml                      | 9 ++++-----
 4 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/kibana/examples/security/test/goss.yaml b/kibana/examples/security/test/goss.yaml
index fad29aa70..c0be5562b 100644
--- a/kibana/examples/security/test/goss.yaml
+++ b/kibana/examples/security/test/goss.yaml
@@ -12,8 +12,6 @@ file:
   /usr/share/kibana/config/kibana.yml:
     exists: true
     contains:
-      - 'elasticsearch.ssl.certificateAuthorities: ["/usr/share/kibana/config/certs/elastic-certificate.pem"]'
-      - "elasticsearch.ssl.verificationMode: certificate"
       - "server.ssl.certificate: /usr/share/kibana/config/certs/elastic-certificate.pem"
       - "server.ssl.enabled: true"
       - "server.ssl.key: /usr/share/kibana/config/certs/elastic-certificate.pem"
diff --git a/kibana/examples/security/values.yaml b/kibana/examples/security/values.yaml
index 1b05db63a..13b1094ab 100644
--- a/kibana/examples/security/values.yaml
+++ b/kibana/examples/security/values.yaml
@@ -13,8 +13,6 @@ extraEnvs:
 
 kibanaConfig:
   kibana.yml: |
-    elasticsearch.ssl.certificateAuthorities: ["/usr/share/kibana/config/certs/elastic-certificate.pem"]
-    elasticsearch.ssl.verificationMode: certificate
     server.ssl.certificate: /usr/share/kibana/config/certs/elastic-certificate.pem
     server.ssl.enabled: true
     server.ssl.key: /usr/share/kibana/config/certs/elastic-certificate.pem
diff --git a/kibana/templates/deployment.yaml b/kibana/templates/deployment.yaml
index e0be3d754..105d2d7ab 100644
--- a/kibana/templates/deployment.yaml
+++ b/kibana/templates/deployment.yaml
@@ -137,6 +137,12 @@ spec:
           - name: ELASTICSEARCH_HOSTS
             value: "{{ .Values.elasticsearchHosts }}"
           {{- end }}
+          - name: ELASTICSEARCH_SSL_CERTIFICATE
+            value: "{{ template "kibana.home_dir" . }}/config/certs/tls.crt"
+          - name: ELASTICSEARCH_SSL_KEY
+            value: "{{ template "kibana.home_dir" . }}/config/certs/tls.key"
+          - name: ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES
+            value: "{{ template "kibana.home_dir" . }}/config/certs/ca.crt"
           - name: SERVER_HOST
             value: "{{ .Values.serverHost }}"
 {{- if .Values.extraEnvs }}
diff --git a/kibana/values.yaml b/kibana/values.yaml
index 3f08e223c..b56c9c386 100644
--- a/kibana/values.yaml
+++ b/kibana/values.yaml
@@ -65,11 +65,10 @@ healthCheckPath: "/app/kibana"
 
 # Allows you to add any config files in /usr/share/kibana/config/
 # such as kibana.yml
-kibanaConfig:
-  kibana.yml: |
-    elasticsearch.ssl.certificate: /usr/share/kibana/config/certs/tls.crt
-    elasticsearch.ssl.key: /usr/share/kibana/config/certs/tls.key
-    elasticsearch.ssl.certificateAuthorities: ["/usr/share/kibana/config/certs/ca.crt"]
+kibanaConfig: {}
+#   kibana.yml: |
+#     key:
+#       nestedkey: value
 
 # If Pod Security Policy in use it may be required to specify security context as well as service account