TrueChartsClone/charts/enterprise/clusterissuer/questions.yaml

# Include{groups}
questions:
# Include{global}
  - variable: clusterIssuer
    group: App Configuration
    label: Cluster Certificate Issuer
    schema:
      additional_attrs: true
      type: dict
      attrs:
        - variable: ACME
          label: 'ACME Issuer'
          schema:
            type: list
            default: []
            items:
              - variable: ACMEEntry
                label: 'ACME Issuer Entry'
                schema:
                  additional_attrs: true
                  type: dict
                  attrs:
                    - variable: name
                      label: Name
                      description: "Name to give the issuer"
                      schema:
                        type: string
                        required: true
                        valid_chars: '^[a-z]+(-?[a-z]){0,63}-?[a-z]+$'
                        default: ""
                    - variable: type
                      label: Type or DNS-Provider
                      description: DNS Provider
                      schema:
                        type: string
                        default: cloudflare
                        enum:
                          - value: cloudflare
                            description: Cloudflare
                          - value: route53
                            description: Route53
                          - value: akamai
                            description: Akamai
                          - value: digitalocean
                            description: Digitalocean
                          - value: rfc2136
                            description: rfc2136 (Advanced)
                          - value: HTTP01
                            description: HTTP01 (Experimental)
                          - value: acmedns
                            description: ACME DNS (Advanced)
                    - variable: server
                      label: Server
                      description: "Server for ACME, for example: letsencrypt"
                      schema:
                        type: string
                        default: 'Letsencrypt-Production'
                        enum:
                          - value: 'https://acme-v02.api.letsencrypt.org/directory'
                            description: Letsencrypt-Production
                          - value: 'https://acme-staging-v02.api.letsencrypt.org/directory'
                            description: Letsencrypt-Staging
                          - value: 'https://api.buypass.no/acme-v02/directory'
                            description: BuyPass-Production
                          - value: 'https://api.test4.buypass.no/acme-v02/directory'
                            description: BuyPass-Staging
                          - value: custom
                            description: Custom
                    - variable: customServer
                      label: Custom ACME Server (Advanced)
                      description: "This can be used to enter your own custom ACME server"
                      schema:
                        type: string
                        show_if: [["server", "=", "custom"]]
                        default: 'https://acme-staging-v02.api.letsencrypt.org/directory'
                    - variable: caBundle
                      label: Trusted CABundle for private ACME server
                      description: "Trusted CABundle for private ACME server, encoded in base64"
                      schema:
                        type: string
                        show_if: [["server", "=", "custom"]]
                    - variable: email
                      label: Email
                      description: "Email adress to use for certificate issuing must match your DNS provider email when required"
                      schema:
                        type: string
                        required: true
                        default: "something@example.com"
                    - variable: cfapikey
                      label: CloudFlare API key
                      description: "CloudFlare API Key"
                      schema:
                        show_if: [["type", "=", "cloudflare"]]
                        type: string
                        default: ""
                    - variable: cfapitoken
                      label: CloudFlare API Token
                      description: "CloudFlare API Token"
                      schema:
                        show_if: [["type", "=", "cloudflare"]]
                        type: string
                        default: ""
                    - variable: region
                      label: Route53 Region
                      description: "Route 53 Region"
                      schema:
                        show_if: [["type", "=", "route53"]]
                        type: string
                        required: true
                        default: "us-west-1"
                    - variable: accessKeyID
                      label: Route53 accessKeyID
                      description: "Route53 accessKeyID"
                      schema:
                        show_if: [["type", "=", "route53"]]
                        type: string
                        required: true
                        default: ""
                    - variable: route53SecretAccessKey
                      label: Route53 Secret Access Key
                      description: "Route53 Secret Access Key"
                      schema:
                        show_if: [["type", "=", "route53"]]
                        type: string
                        required: true
                        default: ""
                    - variable: role
                      label: Route53 Role (optional)
                      description: "Route53 Role"
                      schema:
                        show_if: [["type", "=", "route53"]]
                        type: string
                        default: ""
                    - variable: serviceConsumerDomain
                      label: Akamai Service Consumer Domain
                      description: "Akamai Service Consumer Domain"
                      schema:
                        show_if: [["type", "=", "akamai"]]
                        type: string
                        required: true
                        default: ""
                    - variable: akclientToken
                      label: Akamai Client Token
                      description: "Client Token"
                      schema:
                        show_if: [["type", "=", "akamai"]]
                        type: string
                        required: true
                        default: ""
                    - variable: akclientSecret
                      label: Akamai Client Secret
                      description: "Akamai Client Secret"
                      schema:
                        show_if: [["type", "=", "akamai"]]
                        type: string
                        required: true
                        default: ""
                    - variable: akaccessToken
                      label: Akamai Access Token
                      description: "Akamai Access Token"
                      schema:
                        show_if: [["type", "=", "akamai"]]
                        type: string
                        required: true
                        default: ""
                    - variable: doaccessToken
                      label: Digitalocean Access Token
                      description: "Digitalocean Access Token"
                      schema:
                        show_if: [["type", "=", "digitalocean"]]
                        type: string
                        required: true
                        default: ""
                    - variable: nameserver
                      label: rfc2136 Namesever
                      description: "rfc2136 Namesever"
                      schema:
                        show_if: [["type", "=", "rfc2136"]]
                        type: string
                        required: true
                        default: ""
                    - variable: tsigKeyName
                      label: rfc2136 tsig Key Name
                      description: "rfc2136 tsig Key Name"
                      schema:
                        show_if: [["type", "=", "rfc2136"]]
                        type: string
                        required: true
                        default: ""
                    - variable: tsigAlgorithm
                      label: rfc2136 tsig Algorithm
                      description: "rfc2136 tsig Algorithm"
                      schema:
                        show_if: [["type", "=", "rfc2136"]]
                        type: string
                        required: true
                        default: ""
                    - variable: rfctsigSecret
                      label: rfc2136 sig Secret
                      description: "rfc2136 sig Secret"
                      schema:
                        show_if: [["type", "=", "rfc2136"]]
                        type: string
                        required: true
                        default: ""
                    - variable: acmednsHost
                      label: ACME DNS host
                      description: "ACME DNS API server address"
                      schema:
                        show_if: [["type", "=", "acmedns"]]
                        type: string
                        required: true
                        default: "https://auth.acme-dns.io"
                    - variable: acmednsConfig
                      label: ACME DNS config
                      description: "ACME DNS per-domain auth configuration"
                      schema:
                        show_if: [["type", "=", "acmedns"]]
                        type: list
                        default: []
                        items:
                          - variable: acmednsEntry
                            label: 'ACME DNS entry'
                            schema:
                              type: dict
                              attrs:
                                - variable: domain
                                  label: Domain
                                  schema:
                                    type: string
                                    required: true
                                - variable: username
                                  label: Username
                                  schema:
                                    type: string
                                    required: true
                                - variable: password
                                  label: Password
                                  schema:
                                    type: string
                                    required: true
                                - variable: fulldomain
                                  label: Full domain
                                  schema:
                                    type: string
                                    required: true
                                - variable: subdomain
                                  label: Subdomain
                                  schema:
                                    type: string
                                    required: true
                                - variable: allowFrom
                                  label: Allow from
                                  schema:
                                    type: list
                                    default: []
                                    items:
                                      - variable: cidr
                                        label: CIDR
                                        schema:
                                          type: ipaddr
                                          cidr: true
                                          required: true
        - variable: CA
          label: Certificate Authority Issuer
          schema:
            type: list
            default: []
            items:
              - variable: CAEntry
                label: 'CA Issuer Entry'
                schema:
                  additional_attrs: true
                  type: dict
                  attrs:
                    - variable: name
                      label: Name
                      description: "Name to give the issuer"
                      schema:
                        type: string
                        required: true
                        valid_chars: '^[a-z]+(-?[a-z]){0,63}-?[a-z]+$'
                        default: ""
                    - variable: selfSigned
                      label: selfSigned
                      description: "Create Self Signed CA cert"
                      schema:
                        type: boolean
                        default: true
                    - variable: selfSignedCommonName
                      label: selfSigned CommonName
                      description: "Common name for selfSigned Certiticate Authority"
                      schema:
                        type: string
                        required: true
                        show_if: [["selfSigned", "=", true]]
                        default: "my-selfsigned-ca"
                    - variable: crt
                      label: "Custom CA cert (experimental)"
                      description: "certificate for Certiticate Authority"
                      schema:
                        type: string
                        required: true
                        max_length: 10240
                        show_if: [["selfSigned", "=", false]]
                        default: ""
                    - variable: key
                      label: "Custom CA key (experimental)"
                      description: "key Certiticate Authority"
                      schema:
                        type: string
                        required: true
                        max_length: 10240
                        show_if: [["selfSigned", "=", false]]
                        default: ""

        - variable: selfSigned
          label: 'SelfSigned Issuer'
          schema:
            additional_attrs: true
            type: dict
            attrs:
              - variable: enabled
                label: enabled
                description: "Enable self-signed issuer"
                schema:
                  type: boolean
                  default: true
              - variable: name
                label: Name
                description: "Name to give the issuer"
                schema:
                  type: string
                  required: true
                  valid_chars: '^[a-z]+(-?[a-z]){0,63}-?[a-z]+$'
                  default: "selfsigned"

  - variable: clusterCertificates
    group: App Configuration
    label: Cluster Wide Certificates (Advanced)
    description: "Creates certificates for use within the entire cluster. Can be used to create wildcard certificates."
    schema:
      additional_attrs: true
      type: dict
      attrs:
        - variable: certificates
          label: Cluster Certificates
          schema:
            type: list
            default: []
            items:
              - variable: CertEntry
                label: 'Certificate Entry'
                schema:
                  additional_attrs: true
                  type: dict
                  attrs:
                    - variable: enabled
                      label: Enabled
                      schema:
                        type: boolean
                        default: true
                    - variable: name
                      label: Certificate Name
                      schema:
                        type: string
                        required: true
                        default: ""
                    - variable: certificateIssuer
                      label: Cert-Manager clusterIssuer
                      description: "One of the Cert-Manager clusterIssuers defined above"
                      schema:
                        type: string
                        required: true
                        valid_chars: '^[a-z]+(-?[a-z]){0,63}-?[a-z]+$'
                        default: "selfsigned"
                    - variable: hosts
                      label: Certificate Hosts
                      description: "NOTE: Creation of wildcard certificates with an ACME issuer requires a DNSO1 solver to be set up."
                      schema:
                        type: list
                        default: []
                        items:
                          - variable: host
                            label: Host
                            schema:
                              type: string
                              default: ""
                              required: true

  - variable: customMetrics
    group: Metrics
    label: Prometheus Metrics
    schema:
      additional_attrs: true
      type: dict
      attrs:
        - variable: enabled
          label: Enabled
          description: Enable Prometheus Metrics
          schema:
            type: boolean
            default: true