mgr/cephadm: enable setting up SSL/TLS files for keybridge sidecar

author John Mulligan <jmulligan@redhat.com>

Fri, 18 Jul 2025 16:20:29 +0000 (12:20 -0400)

committer Avan Thakkar <athakkar@redhat.com>

Thu, 27 Nov 2025 15:07:27 +0000 (20:37 +0530)
author John Mulligan <jmulligan@redhat.com>
Fri, 18 Jul 2025 16:20:29 +0000 (12:20 -0400)
committer Avan Thakkar <athakkar@redhat.com>
Thu, 27 Nov 2025 15:07:27 +0000 (20:37 +0530)
diff --git a/src/pybind/mgr/cephadm/services/smb.py b/src/pybind/mgr/cephadm/services/smb.py

index 4b6f6b5c6d2ea79c25c4af53a0de3610712eab0e..a9e4fd4c7bfaa1394effdeddca711782b567eb4a 100644 (file)
--- a/src/pybind/mgr/cephadm/services/smb.py
+++ b/src/pybind/mgr/cephadm/services/smb.py
@@ -179,6 +179,23 @@ class SMBService(CephService):
                  'remote_control.ca.crt',
                  self._cert_or_uri(smb_spec.remote_control_ca_cert),
              )
+        if 'keybridge' in smb_spec.features:
+            files = config_blobs.setdefault('files', {})
+            _add_cfg(
+                files,
+                'keybridge.ssl.crt',
+                self._cert_or_uri(smb_spec.keybridge_kmip_ssl_cert),
+            )
+            _add_cfg(
+                files,
+                'keybridge.ssl.key',
+                self._cert_or_uri(smb_spec.keybridge_kmip_ssl_key),
+            )
+            _add_cfg(
+                files,
+                'keybridge.ca.crt',
+                self._cert_or_uri(smb_spec.keybridge_kmip_ca_cert),
+            )
  
          logger.debug('smb generate_config: %r', config_blobs)
          self._configure_cluster_meta(smb_spec, daemon_spec)
author	John Mulligan <jmulligan@redhat.com>
	Fri, 18 Jul 2025 16:20:29 +0000 (12:20 -0400)
committer	Avan Thakkar <athakkar@redhat.com>
	Thu, 27 Nov 2025 15:07:27 +0000 (20:37 +0530)