mirror of
https://github.com/cert-manager/webhook-example.git
synced 2025-07-02 23:05:48 +02:00
Merge pull request #9 from Peltarion/parmus/helm-secret
feat: add support for using an existing token secret
This commit is contained in:
Arne Diekmann
GitHub
commit
61c77c010b
5 changed files with 13 additions and 4 deletions
|
|
@ -46,3 +46,7 @@ Create chart name and version as used by the chart label.
|
||||||
{{- define "dnsimple-webhook.servingCertificate" -}}
|
{{- define "dnsimple-webhook.servingCertificate" -}}
|
||||||
{{ printf "%s-webhook-tls" (include "dnsimple-webhook.fullname" .) }}
|
{{ printf "%s-webhook-tls" (include "dnsimple-webhook.fullname" .) }}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- define "dnsimple-webhook.tokenSecretName" -}}
|
||||||
|
{{- default (include "dnsimple-webhook.fullname" .) (.Values.dnsimple.tokenSecretName) -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
|
||||||
|
|
@ -20,7 +20,7 @@ spec:
|
||||||
config:
|
config:
|
||||||
tokenSecretRef:
|
tokenSecretRef:
|
||||||
key: token
|
key: token
|
||||||
name: {{ include "dnsimple-webhook.fullname" . }}
|
name: {{ include "dnsimple-webhook.tokenSecretName" . }}
|
||||||
groupName: {{ .Values.groupName }}
|
groupName: {{ .Values.groupName }}
|
||||||
solverName: dnsimple
|
solverName: dnsimple
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
|
|
@ -1,7 +1,8 @@
|
||||||
|
{{- if not .Values.dnsimple.existingTokenSecret -}}
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Secret
|
kind: Secret
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "dnsimple-webhook.fullname" . }}
|
name: {{ include "dnsimple-webhook.tokenSecretName" . }}
|
||||||
labels:
|
labels:
|
||||||
app: {{ include "dnsimple-webhook.name" . }}
|
app: {{ include "dnsimple-webhook.name" . }}
|
||||||
chart: {{ include "dnsimple-webhook.chart" . }}
|
chart: {{ include "dnsimple-webhook.chart" . }}
|
||||||
|
|
@ -10,6 +11,7 @@ metadata:
|
||||||
type: Opaque
|
type: Opaque
|
||||||
data:
|
data:
|
||||||
token: {{ .Values.dnsimple.token | b64enc }}
|
token: {{ .Values.dnsimple.token | b64enc }}
|
||||||
|
{{- end }}
|
||||||
---
|
---
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
kind: Role
|
kind: Role
|
||||||
|
|
@ -23,7 +25,7 @@ metadata:
|
||||||
rules:
|
rules:
|
||||||
- apiGroups: [""] # indicates the core API group
|
- apiGroups: [""] # indicates the core API group
|
||||||
resources: ["secrets"]
|
resources: ["secrets"]
|
||||||
resourceNames: ["{{ include "dnsimple-webhook.fullname" . }}"]
|
resourceNames: ["{{ include "dnsimple-webhook.tokenSecretName" . }}"]
|
||||||
verbs: ["get", "watch"]
|
verbs: ["get", "watch"]
|
||||||
---
|
---
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
|
|
||||||
|
|
@ -20,7 +20,7 @@ spec:
|
||||||
config:
|
config:
|
||||||
tokenSecretRef:
|
tokenSecretRef:
|
||||||
key: token
|
key: token
|
||||||
name: {{ include "dnsimple-webhook.fullname" . }}
|
name: {{ include "dnsimple-webhook.tokenSecretName" . }}
|
||||||
groupName: {{ .Values.groupName }}
|
groupName: {{ .Values.groupName }}
|
||||||
solverName: dnsimple
|
solverName: dnsimple
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
|
|
@ -13,6 +13,9 @@ certManager:
|
||||||
# logLevel: 3
|
# logLevel: 3
|
||||||
dnsimple:
|
dnsimple:
|
||||||
token: ""
|
token: ""
|
||||||
|
|
||||||
|
# existingTokenSecret: false
|
||||||
|
# tokenSecretName:
|
||||||
clusterIssuer:
|
clusterIssuer:
|
||||||
email: name@example.com
|
email: name@example.com
|
||||||
staging:
|
staging:
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue