KropCloud/cert-manager-webhook-example
1
0
Fork 1
mirror of https://github.com/cert-manager/webhook-example.git synced 2025-07-02 23:05:48 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update README.md

Browse source
This commit is contained in:
Gun 2020-11-19 23:36:50 +00:00 committed by GitHub
parent 7d4acc2914
commit d74084f8df
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 39 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

41
README.md
View file

@ -1,38 +1,6 @@
# ACME webhook example # Cert Manager dynu ACME webhook
The ACME issuer type supports an optional 'webhook' solver, which can be used Webhook to get a certificate for dynu dns provider
to implement custom DNS01 challenge solving logic.
This is useful if you need to use cert-manager with a DNS provider that is not
officially supported in cert-manager core.
## Why not in core?
As the project & adoption has grown, there has been an influx of DNS provider
pull requests to our core codebase. As this number has grown, the test matrix
has become un-maintainable and so, it's not possible for us to certify that
providers work to a sufficient level.
By creating this 'interface' between cert-manager and DNS providers, we allow
users to quickly iterate and test out new integrations, and then packaging
those up themselves as 'extensions' to cert-manager.
We can also then provide a standardised 'testing framework', or set of
conformance tests, which allow us to validate the a DNS provider works as
expected.
## Creating your own webhook
Webhook's themselves are deployed as Kubernetes API services, in order to allow
administrators to restrict access to webhooks with Kubernetes RBAC.
This is important, as otherwise it'd be possible for anyone with access to your
webhook to complete ACME challenge validations and obtain certificates.
To make the set up of these webhook's easier, we provide a template repository
that can be used to get started quickly.
### Creating your own repository
### Running the test suite ### Running the test suite
@ -42,13 +10,8 @@ else they will have undetermined behaviour when used with cert-manager.
**It is essential that you configure and run the test suite when creating a **It is essential that you configure and run the test suite when creating a
DNS01 webhook.** DNS01 webhook.**
An example Go test file has been provided in [main_test.go]().
You can run the test suite with: You can run the test suite with:
```bash ```bash
$ TEST_ZONE_NAME=example.com go test . $ TEST_ZONE_NAME=example.com go test .
``` ```
The example file has a number of areas you must fill in and replace with your
own options in order for tests to pass.