(DOCSP-21338): Added prefix example. (#870)

corryroot · jwilliams-mongo · commit 0738451b302e · 2025-04-14T17:11:19.000-05:00
* (DOCSP-21338): Added prefix example. * (DOCSP-21338): Incorporated JW's feedback. * (DOCSP-21338): Incorporated Brett's feedback.
diff --git a/source/includes/fact-example-secret-prefix-cluster-file.rst b/source/includes/fact-example-secret-prefix-cluster-file.rst
@@ -0,0 +1,7 @@
+.. example::
+
+   If you call your deployment ``my-replica-set`` and you set the 
+   prefix to ``mdb``, you must name the |tls| secret for the
+   client |tls| communications ``mdb-my-replica-set-cert``. Also, 
+   you must name the |tls| secret for internal cluster authentication 
+   (if enabled) ``mdb-my-replica-set-clusterfile``.
diff --git a/source/includes/fact-req-secret-prefix.rst b/source/includes/fact-req-secret-prefix.rst
@@ -0,0 +1,6 @@
+You must prefix your secrets with ``<prefix>-<metadata.name>`` if both
+of the following items are true:
+
+- You set :setting:`spec.security.certsSecretPrefix` or 
+  :setting:`spec.security.tls.secretRef.prefix`
+- You omit :setting:`spec.security.tls.secretRef.name`.
diff --git a/source/includes/list-tables/resource-keys-tls-custom-ca.rst b/source/includes/list-tables/resource-keys-tls-custom-ca.rst
@@ -22,4 +22,7 @@
      - Required
      - Add the ``<prefix>`` of the secret 
        name that contains your MongoDB deployment's |tls| certificates.
+
+       .. include:: /includes/fact-example-secret-prefix-cluster-file.rst
+
      - ``devDb``
diff --git a/source/includes/options-k8s-shared.yaml b/source/includes/options-k8s-shared.yaml
@@ -662,11 +662,9 @@ description: |
      - :setting:`spec.security.tls.secretRef.name`
      - :setting:`spec.security.tls.secretRef.prefix`
 
-  You must prefix your secrets with ``<prefix>-<metadata.name>`` if both
-  of the following items are true:
+  .. include:: /includes/fact-req-secret-prefix.rst
 
-  - You set :setting:`spec.security.certsSecretPrefix` or :setting:`spec.security.tls.secretRef.prefix`
-  - You omit :setting:`spec.security.tls.secretRef.name`.
+  .. include:: /includes/fact-example-secret-prefix-cluster-file.rst
 
   To learn more about naming the secrets that contain your |tls| 
   certificates, see the topic in :ref:`secure-tls` that applies to your 
diff --git a/source/includes/steps-source-deploy-k8s-resource.yaml b/source/includes/steps-source-deploy-k8s-resource.yaml
@@ -374,6 +374,12 @@ content: |
        --cert=<replica-set-tls-cert> \
        --key=<replica-set-tls-key>
 
+  .. note::
+
+     .. include:: /includes/fact-req-secret-prefix.rst
+
+  .. include:: /includes/fact-example-secret-prefix-cluster-file.rst
+  
   .. include:: /includes/facts/fact-if-use-vault.rst
 
   .. include:: /includes/facts/fact-learn-more-secret-storage.rst
@@ -455,6 +461,12 @@ content: |
        --cert=<replica-set-clusterfile-tls-cert> \
        --key=<replica-set-clusterfile-tls-key>
 
+  .. note::
+
+     .. include:: /includes/fact-req-secret-prefix.rst
+
+  .. include:: /includes/fact-example-secret-prefix-cluster-file.rst
+
 ---
 title: "Renew the |k8s-secret| for your X.509 certificate."
 stepnum: 0
