Adding extraVolumeMounts to allow custom TLS verification for fulcio deployments

[sparikh205]

Description

Hey, I am using the fulcio helm charts as a dependency in my current implementation. Encountered a limitation when trying to include additional volume mounts. The issue originated with a TLS issue when using keycloak as an OIDC provider, because it was signed by an internal CA. The current chart does not seem to provide a way to set a CA to use for TLS verification, which is essential for my use case.

Is this just something we missed in the implementation?

If we did not miss something we would make the following Proposal:
I suggest modifying the chart to include parameters for custom volume mounts. This can be achieved by adding fields to the values.yaml file and updating the deployment templates and README.md accordingly.

Potential code changes:

• Include helm templating lines:

{{- if .Values.extraVolumeMounts }} 
    {{- toYaml .Values.extraVolumeMounts | nindent 10 }}
{{- end }}

Additonal resources:

• The TLS issue in particular has been mentioned here: TLS verification on OIDC Issuers fulcio#1665
  • This might indicate that the best approach would be to edit fulcio and then update the charts based on that change.