Merge branch 'master' into pr/7563

6 days ago · 182c1a5caf
3 changed files with 19 additions and 4 deletions
--- a/.github/workflows/container_release4.yml
+++ b/.github/workflows/container_release4.yml
@ -17,6 +17,18 @@ jobs:
      -
        name: Checkout
        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v2
+      -
+        name: Free Disk Space
+        run: |
+          echo "Before cleanup:"
+          df -h
+          sudo rm -rf /usr/share/dotnet
+          sudo rm -rf /usr/local/lib/android
+          sudo rm -rf /opt/ghc
+          sudo rm -rf /opt/hostedtoolcache/CodeQL
+          sudo docker system prune -af
+          echo "After cleanup:"
+          df -h
      -
        name: Docker meta
        id: docker_meta
--- a/k8s/charts/seaweedfs/templates/cert/ca-cert.yaml
+++ b/k8s/charts/seaweedfs/templates/cert/ca-cert.yaml
@ -13,11 +13,11 @@ spec:
  secretName: {{ template "seaweedfs.name" . }}-ca-cert
  commonName: "{{ template "seaweedfs.name" . }}-root-ca"
  isCA: true
-  {{- if .Values.certificates.duration }}
-  duration: {{ .Values.certificates.duration }}
+  {{- if .Values.certificates.ca.duration }}
+  duration: {{ .Values.certificates.ca.duration }}
  {{- end }}
-  {{- if .Values.certificates.renewBefore }}
-  renewBefore: {{ .Values.certificates.renewBefore }}
+  {{- if .Values.certificates.ca.renewBefore }}
+  renewBefore: {{ .Values.certificates.ca.renewBefore }}
  {{- end }}
  issuerRef:
    name: {{ template "seaweedfs.name" . }}-issuer
--- a/k8s/charts/seaweedfs/values.yaml
+++ b/k8s/charts/seaweedfs/values.yaml
@ -1270,6 +1270,9 @@ certificates:
  keySize: 2048
  duration: 2160h  # 90d
  renewBefore: 360h  # 15d
+  ca:
+    duration: 87600h  # 10 years
+    renewBefore: 720h  # 30d
  externalCertificates:
    # This will avoid the need to use cert-manager and will rely on providing your own external certificates and CA
    # you will need to store your provided certificates in the secret read by the different services: