From 43ca8e4d51ab097ac283208b2e252ccd11fad013 Mon Sep 17 00:00:00 2001
From: okozachenko1203 <okozachenko1203@users.noreply.github.com>
Date: Wed, 24 Jan 2024 01:18:15 +1100
Subject: [PATCH] support http endpoints

---
 magnum_cluster_api/manifests/keystone-auth/keystone-auth.yaml | 2 ++
 magnum_cluster_api/resources.py                               | 1 +
 2 files changed, 3 insertions(+)

diff --git a/magnum_cluster_api/manifests/keystone-auth/keystone-auth.yaml b/magnum_cluster_api/manifests/keystone-auth/keystone-auth.yaml
index 78531a02..f421a498 100644
--- a/magnum_cluster_api/manifests/keystone-auth/keystone-auth.yaml
+++ b/magnum_cluster_api/manifests/keystone-auth/keystone-auth.yaml
@@ -121,8 +121,10 @@ spec:
             - {{ auth_url }}
             - --sync-configmap-name
             - keystone-sync-policy
+            {% if cloud_ca %}
             - --keystone-ca-file
             - /etc/kubernetes/cloud_ca.crt
+           {% endif %}
             - --listen
             - 127.0.0.1:8443
           volumeMounts:
diff --git a/magnum_cluster_api/resources.py b/magnum_cluster_api/resources.py
index 86109051..43f52cc3 100644
--- a/magnum_cluster_api/resources.py
+++ b/magnum_cluster_api/resources.py
@@ -345,6 +345,7 @@ def get_object(self) -> pykube.ConfigMap:
                         repository=repository,
                         auth_url=auth_url + ("" if auth_url.endswith("/v3") else "/v3"),
                         policy=utils.get_keystone_auth_default_policy(self.cluster),
+                        cloud_ca=True if utils.get_cloud_ca_cert() else False,
                     )
                 },
             }