Ability to disable fernet_rotate cronjob

Change-Id: I5f31259d243b39412a1b884201a8b46a29d353d5

Author: sorrison

Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 name: keystone
 description: A Helm chart for Openstack Keystone
 type: application
-version: 1.0.0
+version: 1.0.1
 appVersion: 25.0.0-14-g155f38a86-5-9
 dependencies:
 - name: common

templates/cronjob-fernet-rotate.yaml

@@ -1,4 +1,5 @@
 {{- $serviceAccountName := "keystone-fernet-rotate" }}
+{{- if .Values.job.fernet_rotate.enabled }}
 ---
 apiVersion: v1
 kind: ServiceAccount
@@ -104,3 +105,4 @@ spec:
             - name: keystone-bin
               configMap:
                 name: keystone-bin
+{{- end }}

values.yaml

@@ -79,6 +79,7 @@ job:
     args:
       - '--expand'
   fernet_rotate:
+    enabled: true
     # NOTE(rk760n): key rotation frequency, token expiration, active keys, and allow_expired_window should statisfy the formula
     # max_active_keys = ((token_expiration + allow_expired_window) / rotation_frequency) + 2
     # As expiration is 12h, max_active_keys is 7 and allow_expired_window is 48h by default,