From 378611c874ef4aab6cabfdb48c1fb69828f7f838 Mon Sep 17 00:00:00 2001 From: bacht-fidi Date: Thu, 17 Oct 2024 10:04:59 +0200 Subject: [PATCH 1/3] chore: :bookmark: Bumb version to 0.1.5 --- charts/cert-manager-webhook-dnsimple/Chart.yaml | 4 ++-- charts/cert-manager-webhook-dnsimple/values.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/cert-manager-webhook-dnsimple/Chart.yaml b/charts/cert-manager-webhook-dnsimple/Chart.yaml index 2a46f63..51096c8 100644 --- a/charts/cert-manager-webhook-dnsimple/Chart.yaml +++ b/charts/cert-manager-webhook-dnsimple/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 -appVersion: "v0.1.4" +appVersion: "v0.1.5" description: cert-manager webhook solver for ACME DNS01 challenge via DNSimple name: cert-manager-webhook-dnsimple -version: 0.1.4 +version: 0.1.5 home: https://github.com/puzzle/cert-manager-webhook-dnsimple sources: - https://github.com/puzzle/cert-manager-webhook-dnsimple diff --git a/charts/cert-manager-webhook-dnsimple/values.yaml b/charts/cert-manager-webhook-dnsimple/values.yaml index d7ac6ea..82140c0 100644 --- a/charts/cert-manager-webhook-dnsimple/values.yaml +++ b/charts/cert-manager-webhook-dnsimple/values.yaml @@ -20,7 +20,7 @@ clusterIssuer: enabled: false image: repository: ghcr.io/puzzle/cert-manager-webhook-dnsimple - tag: v0.1.4 + tag: v0.1.5 pullPolicy: IfNotPresent # pullSecret: "gcr" nameOverride: "" @@ -43,4 +43,4 @@ resources: {} nodeSelector: {} tolerations: [] -affinity: {} \ No newline at end of file +affinity: {} From 65e684870fdd1698118d03e1b34c6621f20f633e Mon Sep 17 00:00:00 2001 From: bacht-fidi Date: Thu, 17 Oct 2024 10:06:43 +0200 Subject: [PATCH 2/3] fix: :bug: removed legacy apiversions and set it as static value Removed go template condition with legacy api version value and set it as a static value --- .../templates/apiservice.yaml | 3 +-- charts/cert-manager-webhook-dnsimple/templates/pki.yaml | 9 ++++----- charts/cert-manager-webhook-dnsimple/templates/rbac.yaml | 7 +++---- 3 files changed, 8 insertions(+), 11 deletions(-) diff --git a/charts/cert-manager-webhook-dnsimple/templates/apiservice.yaml b/charts/cert-manager-webhook-dnsimple/templates/apiservice.yaml index b498911..c623b64 100644 --- a/charts/cert-manager-webhook-dnsimple/templates/apiservice.yaml +++ b/charts/cert-manager-webhook-dnsimple/templates/apiservice.yaml @@ -1,5 +1,4 @@ -{{- $APIRegistrationAPIVersion := ternary "apiregistration.k8s.io/v1" "apiregistration.k8s.io/v1beta1" (.Capabilities.APIVersions.Has "apiregistration.k8s.io/v1") -}} -apiVersion: {{ $APIRegistrationAPIVersion }} +apiVersion: apiregistration.k8s.io/v1 kind: APIService metadata: name: v1alpha1.{{ include "dnsimple-webhook.api-group" . }} diff --git a/charts/cert-manager-webhook-dnsimple/templates/pki.yaml b/charts/cert-manager-webhook-dnsimple/templates/pki.yaml index fae08fd..cbabdd8 100644 --- a/charts/cert-manager-webhook-dnsimple/templates/pki.yaml +++ b/charts/cert-manager-webhook-dnsimple/templates/pki.yaml @@ -1,8 +1,7 @@ -{{- $CertManagerAPIVersion := ternary "cert-manager.io/v1" "cert-manager.io/v1alpha2" (.Capabilities.APIVersions.Has "cert-manager.io/v1") -}} --- # Create a selfsigned Issuer, in order to create a root CA certificate for # signing webhook serving certificates -apiVersion: {{ $CertManagerAPIVersion }} +apiVersion: cert-manager.io/v1 kind: Issuer metadata: name: {{ include "dnsimple-webhook.selfSignedIssuer" . }} @@ -18,7 +17,7 @@ spec: --- # Generate a CA Certificate used to sign certificates for the webhook -apiVersion: {{ $CertManagerAPIVersion }} +apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: {{ include "dnsimple-webhook.rootCACertificate" . }} @@ -39,7 +38,7 @@ spec: --- # Create an Issuer that uses the above generated CA certificate to issue certs -apiVersion: {{ $CertManagerAPIVersion }} +apiVersion: cert-manager.io/v1 kind: Issuer metadata: name: {{ include "dnsimple-webhook.rootCAIssuer" . }} @@ -56,7 +55,7 @@ spec: --- # Finally, generate a serving certificate for the webhook to use -apiVersion: {{ $CertManagerAPIVersion }} +apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: {{ include "dnsimple-webhook.servingCertificate" . }} diff --git a/charts/cert-manager-webhook-dnsimple/templates/rbac.yaml b/charts/cert-manager-webhook-dnsimple/templates/rbac.yaml index 91192d8..2636769 100644 --- a/charts/cert-manager-webhook-dnsimple/templates/rbac.yaml +++ b/charts/cert-manager-webhook-dnsimple/templates/rbac.yaml @@ -1,4 +1,3 @@ -{{- $RBACAPIVersion := ternary "rbac.authorization.k8s.io/v1" "rbac.authorization.k8s.io/v1beta1" (.Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1") -}} apiVersion: v1 kind: ServiceAccount metadata: @@ -12,7 +11,7 @@ metadata: # Grant the webhook permission to read the ConfigMap containing the Kubernetes # apiserver's requestheader-ca-certificate. # This ConfigMap is automatically created by the Kubernetes apiserver. -apiVersion: {{ $RBACAPIVersion }} +apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ include "dnsimple-webhook.fullname" . }}:webhook-authentication-reader @@ -34,7 +33,7 @@ subjects: --- # apiserver gets the auth-delegator role to delegate auth decisions to # the core apiserver -apiVersion: {{ $RBACAPIVersion }} +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: {{ include "dnsimple-webhook.fullname" . }}:auth-delegator @@ -54,7 +53,7 @@ subjects: namespace: {{ .Release.Namespace }} --- # Grant cert-manager permission to validate using our apiserver -apiVersion: {{ $RBACAPIVersion }} +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: {{ include "dnsimple-webhook.fullname" . }}:domain-solver From 916971152ecd59d4379ee5df3f7bbef6809b138f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Beat=20Sch=C3=A4rz?= Date: Thu, 17 Oct 2024 13:15:01 +0200 Subject: [PATCH 3/3] prerequisite cert-manager >= 1.0.0 for v1 version --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 273b044..6f821f2 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ A [cert-manager][2] ACME DNS01 solver webhook for [DNSimple][1]. ## Pre-requisites -- [cert-manager][2] >= 0.13 (The Helm chart uses the new API versions) +- [cert-manager][2] >= 1.0.0 (The Helm chart uses the new API versions) - Kubernetes >= 1.17.x - Helm 3 (otherwise adjust the example below accordingly)