From 2f5b8424a4b674f8014fcd8586abb748324ab265 Mon Sep 17 00:00:00 2001 From: Shubham Gupta Date: Fri, 26 Jul 2024 20:26:13 +0530 Subject: [PATCH 1/2] chore: Add cert-manager templates for certificate and issuer Signed-off-by: Shubham Gupta --- .../cert-manager/templates/certificate.yaml | 16 ++++++++++++++++ .../cert-manager/templates/issuer.yaml | 2 +- argocd-helm-charts/cert-manager/values.yaml | 12 ++++++++++++ 3 files changed, 29 insertions(+), 1 deletion(-) create mode 100644 argocd-helm-charts/cert-manager/templates/certificate.yaml diff --git a/argocd-helm-charts/cert-manager/templates/certificate.yaml b/argocd-helm-charts/cert-manager/templates/certificate.yaml new file mode 100644 index 000000000..db1ca293a --- /dev/null +++ b/argocd-helm-charts/cert-manager/templates/certificate.yaml @@ -0,0 +1,16 @@ +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: {{ .Values.certificate.name }} + namespace: {{ .Values.certificate.namespace }} +spec: + secretName: {{ .Values.certificate.secretName }} + issuerRef: + group: cert-manager.io + kind: {{ .Values.certificate.issuer.kind }} + name: {{ .Values.certificate.issuer.name }} + commonName: {{ .Values.certificate.commonName }} + dnsNames: + {{- range .Values.certificate.dnsNames }} + - {{ . }} + {{- end }} diff --git a/argocd-helm-charts/cert-manager/templates/issuer.yaml b/argocd-helm-charts/cert-manager/templates/issuer.yaml index 796b9ed21..a43a59514 100644 --- a/argocd-helm-charts/cert-manager/templates/issuer.yaml +++ b/argocd-helm-charts/cert-manager/templates/issuer.yaml @@ -2,7 +2,7 @@ apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: - name: letsencrypt + name: {{ .Values.issuer.name }} spec: acme: email: {{ .Values.issuer.issuerEmail }} diff --git a/argocd-helm-charts/cert-manager/values.yaml b/argocd-helm-charts/cert-manager/values.yaml index 5d6f10e67..dfc5edbc0 100644 --- a/argocd-helm-charts/cert-manager/values.yaml +++ b/argocd-helm-charts/cert-manager/values.yaml @@ -32,8 +32,20 @@ cert-manager: cpu: 1m memory: 16Mi issuer: + name: letsencrypt enabled: false production: false preferredChain: null networkpolicies: false enableCertificateOwnerRef: true + +certificate: + name: wildcard-kbm + secretName: wildcard-kbm + issuer: + kind: ClusterIssuer + name: letsencrypt + commonName: "*.kbm.obmondo.com" + dnsNames: + - "*.kbm.obmondo.com" + - "kbm.obmondo.com" From e664db99b0caa322f28675c5347b5743670e9ca8 Mon Sep 17 00:00:00 2001 From: Ashish Jaiswal Date: Fri, 9 Aug 2024 05:55:19 +0530 Subject: [PATCH 2/2] feat: added certificate template file to support wildcard certificate and added a template function to have a namefix, which convert from dots to hyphens --- .../cert-manager/templates/_helpers.tpl | 7 +++++++ .../cert-manager/templates/certificate.yaml | 21 +++++++++++-------- .../{issuer.yaml => clusterissuer.yaml} | 0 argocd-helm-charts/cert-manager/values.yaml | 11 ---------- 4 files changed, 19 insertions(+), 20 deletions(-) create mode 100644 argocd-helm-charts/cert-manager/templates/_helpers.tpl rename argocd-helm-charts/cert-manager/templates/{issuer.yaml => clusterissuer.yaml} (100%) diff --git a/argocd-helm-charts/cert-manager/templates/_helpers.tpl b/argocd-helm-charts/cert-manager/templates/_helpers.tpl new file mode 100644 index 000000000..3afdfe41b --- /dev/null +++ b/argocd-helm-charts/cert-manager/templates/_helpers.tpl @@ -0,0 +1,7 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Simplified name of the secret name for issuing wildcard certificate. +*/}} +{{- define "cert-manager.namefix" -}} +{{ printf "%s" . | trimPrefix "*" | trimPrefix "." | replace "." "-" }} +{{- end -}} diff --git a/argocd-helm-charts/cert-manager/templates/certificate.yaml b/argocd-helm-charts/cert-manager/templates/certificate.yaml index db1ca293a..f14639bcb 100644 --- a/argocd-helm-charts/cert-manager/templates/certificate.yaml +++ b/argocd-helm-charts/cert-manager/templates/certificate.yaml @@ -1,16 +1,19 @@ +{{- if .Values.wildcardCertificates.enabled -}} +{{- range .Values.wildcardCertificates.domains }} apiVersion: cert-manager.io/v1 kind: Certificate metadata: - name: {{ .Values.certificate.name }} - namespace: {{ .Values.certificate.namespace }} + name: {{ include "cert-manager.namefix" . }} spec: - secretName: {{ .Values.certificate.secretName }} + secretName: {{ include "cert-manager.namefix" . }} issuerRef: group: cert-manager.io - kind: {{ .Values.certificate.issuer.kind }} - name: {{ .Values.certificate.issuer.name }} - commonName: {{ .Values.certificate.commonName }} + kind: ClusterIssuer + name: {{ $.Values.issuer.name | quote }} + commonName: "{{ . }}" dnsNames: - {{- range .Values.certificate.dnsNames }} - - {{ . }} - {{- end }} + - "{{ . }}" + +--- +{{- end -}} +{{- end -}} diff --git a/argocd-helm-charts/cert-manager/templates/issuer.yaml b/argocd-helm-charts/cert-manager/templates/clusterissuer.yaml similarity index 100% rename from argocd-helm-charts/cert-manager/templates/issuer.yaml rename to argocd-helm-charts/cert-manager/templates/clusterissuer.yaml diff --git a/argocd-helm-charts/cert-manager/values.yaml b/argocd-helm-charts/cert-manager/values.yaml index dfc5edbc0..d1e718e88 100644 --- a/argocd-helm-charts/cert-manager/values.yaml +++ b/argocd-helm-charts/cert-manager/values.yaml @@ -38,14 +38,3 @@ issuer: preferredChain: null networkpolicies: false enableCertificateOwnerRef: true - -certificate: - name: wildcard-kbm - secretName: wildcard-kbm - issuer: - kind: ClusterIssuer - name: letsencrypt - commonName: "*.kbm.obmondo.com" - dnsNames: - - "*.kbm.obmondo.com" - - "kbm.obmondo.com"