Delete enterprise/cert-manager directory
This commit is contained in:
parent
0f4a1d4a90
commit
9209235262
|
@ -1,99 +0,0 @@
|
||||||
**Important:**
|
|
||||||
*for the complete changelog, please refer to the website*
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## [cert-manager-1.0.37](https://github.com/truecharts/charts/compare/cert-manager-1.0.36...cert-manager-1.0.37) (2023-05-27)
|
|
||||||
|
|
||||||
### Chore
|
|
||||||
|
|
||||||
- update helm general non-major ([#9197](https://github.com/truecharts/charts/issues/9197))
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## [cert-manager-1.0.36](https://github.com/truecharts/charts/compare/cert-manager-1.0.35...cert-manager-1.0.36) (2023-05-26)
|
|
||||||
|
|
||||||
### Chore
|
|
||||||
|
|
||||||
- update helm general non-major ([#9156](https://github.com/truecharts/charts/issues/9156))
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## [cert-manager-1.0.35](https://github.com/truecharts/charts/compare/cert-manager-1.0.34...cert-manager-1.0.35) (2023-05-24)
|
|
||||||
|
|
||||||
### Chore
|
|
||||||
|
|
||||||
- update helm general non-major ([#9125](https://github.com/truecharts/charts/issues/9125))
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## [cert-manager-1.0.34](https://github.com/truecharts/charts/compare/cert-manager-1.0.33...cert-manager-1.0.34) (2023-05-22)
|
|
||||||
|
|
||||||
### Chore
|
|
||||||
|
|
||||||
- update helm general non-major ([#9089](https://github.com/truecharts/charts/issues/9089))
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## [cert-manager-1.0.33](https://github.com/truecharts/charts/compare/cert-manager-1.0.32...cert-manager-1.0.33) (2023-05-16)
|
|
||||||
|
|
||||||
### Chore
|
|
||||||
|
|
||||||
- update helm general non-major ([#8979](https://github.com/truecharts/charts/issues/8979))
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## [cert-manager-1.0.32](https://github.com/truecharts/charts/compare/cert-manager-1.0.31...cert-manager-1.0.32) (2023-05-15)
|
|
||||||
|
|
||||||
### Chore
|
|
||||||
|
|
||||||
- update container image tccr.io/truecharts/scratch to latest ([#8960](https://github.com/truecharts/charts/issues/8960))
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## [cert-manager-1.0.31](https://github.com/truecharts/charts/compare/cert-manager-1.0.30...cert-manager-1.0.31) (2023-05-05)
|
|
||||||
|
|
||||||
### Chore
|
|
||||||
|
|
||||||
- update helm general non-major ([#8782](https://github.com/truecharts/charts/issues/8782))
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## [cert-manager-1.0.30](https://github.com/truecharts/charts/compare/cert-manager-1.0.29...cert-manager-1.0.30) (2023-05-05)
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## [cert-manager-1.0.29](https://github.com/truecharts/charts/compare/cert-manager-1.0.28...cert-manager-1.0.29) (2023-05-05)
|
|
||||||
|
|
||||||
### Chore
|
|
||||||
|
|
||||||
- update container image tccr.io/truecharts/scratch to latest ([#8779](https://github.com/truecharts/charts/issues/8779))
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## [cert-manager-1.0.29](https://github.com/truecharts/charts/compare/cert-manager-1.0.28...cert-manager-1.0.29) (2023-05-05)
|
|
||||||
|
|
||||||
### Chore
|
|
||||||
|
|
||||||
- update container image tccr.io/truecharts/scratch to latest ([#8779](https://github.com/truecharts/charts/issues/8779))
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## [cert-manager-1.0.29](https://github.com/truecharts/charts/compare/cert-manager-1.0.28...cert-manager-1.0.29) (2023-05-05)
|
|
||||||
|
|
||||||
### Chore
|
|
||||||
|
|
||||||
- update container image tccr.io/truecharts/scratch to latest ([#8779](https://github.com/truecharts/charts/issues/8779))
|
|
||||||
|
|
||||||
|
|
|
@ -1,29 +0,0 @@
|
||||||
apiVersion: v2
|
|
||||||
appVersion: "latest"
|
|
||||||
deprecated: false
|
|
||||||
description: Certificate management for Kubernetes
|
|
||||||
home: https://truecharts.org/charts/enterprise/cert-manager
|
|
||||||
icon: https://truecharts.org/img/hotlink-ok/chart-icons/cert-manager.png
|
|
||||||
keywords:
|
|
||||||
- metallb
|
|
||||||
- loadbalancer
|
|
||||||
dependencies:
|
|
||||||
- name: common
|
|
||||||
repository: https://library-charts.truecharts.org
|
|
||||||
version: 12.10.4
|
|
||||||
kubeVersion: ">=1.16.0-0"
|
|
||||||
maintainers:
|
|
||||||
- email: info@truecharts.org
|
|
||||||
name: TrueCharts
|
|
||||||
url: https://truecharts.org
|
|
||||||
name: cert-manager
|
|
||||||
sources:
|
|
||||||
- https://github.com/truecharts/charts/tree/master/charts/enterprise/cert-manager
|
|
||||||
- https://cert-manager.io/
|
|
||||||
type: application
|
|
||||||
version: 1.0.37
|
|
||||||
annotations:
|
|
||||||
truecharts.org/catagories: |
|
|
||||||
- core
|
|
||||||
truecharts.org/SCALE-support: "true"
|
|
||||||
truecharts.org/grade: U
|
|
|
@ -1,106 +0,0 @@
|
||||||
Business Source License 1.1
|
|
||||||
|
|
||||||
Parameters
|
|
||||||
|
|
||||||
Licensor: The TrueCharts Project, it's owner and it's contributors
|
|
||||||
Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
|
|
||||||
Additional Use Grant: You may use the licensed work in production, as long
|
|
||||||
as it is directly sourced from a TrueCharts provided
|
|
||||||
official repository, catalog or source. You may also make private
|
|
||||||
modification to the directly sourced licenced work,
|
|
||||||
when used in production.
|
|
||||||
|
|
||||||
The following cases are, due to their nature, also
|
|
||||||
defined as 'production use' and explicitly prohibited:
|
|
||||||
- Bundling, including or displaying the licensed work
|
|
||||||
with(in) another work intended for production use,
|
|
||||||
with the apparent intend of facilitating and/or
|
|
||||||
promoting production use by third parties in
|
|
||||||
violation of this license.
|
|
||||||
|
|
||||||
Change Date: 2050-01-01
|
|
||||||
|
|
||||||
Change License: 3-clause BSD license
|
|
||||||
|
|
||||||
For information about alternative licensing arrangements for the Software,
|
|
||||||
please contact: legal@truecharts.org
|
|
||||||
|
|
||||||
Notice
|
|
||||||
|
|
||||||
The Business Source License (this document, or the “License”) is not an Open
|
|
||||||
Source license. However, the Licensed Work will eventually be made available
|
|
||||||
under an Open Source License, as stated in this License.
|
|
||||||
|
|
||||||
License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
|
|
||||||
“Business Source License” is a trademark of MariaDB Corporation Ab.
|
|
||||||
|
|
||||||
-----------------------------------------------------------------------------
|
|
||||||
|
|
||||||
Business Source License 1.1
|
|
||||||
|
|
||||||
Terms
|
|
||||||
|
|
||||||
The Licensor hereby grants you the right to copy, modify, create derivative
|
|
||||||
works, redistribute, and make non-production use of the Licensed Work. The
|
|
||||||
Licensor may make an Additional Use Grant, above, permitting limited
|
|
||||||
production use.
|
|
||||||
|
|
||||||
Effective on the Change Date, or the fourth anniversary of the first publicly
|
|
||||||
available distribution of a specific version of the Licensed Work under this
|
|
||||||
License, whichever comes first, the Licensor hereby grants you rights under
|
|
||||||
the terms of the Change License, and the rights granted in the paragraph
|
|
||||||
above terminate.
|
|
||||||
|
|
||||||
If your use of the Licensed Work does not comply with the requirements
|
|
||||||
currently in effect as described in this License, you must purchase a
|
|
||||||
commercial license from the Licensor, its affiliated entities, or authorized
|
|
||||||
resellers, or you must refrain from using the Licensed Work.
|
|
||||||
|
|
||||||
All copies of the original and modified Licensed Work, and derivative works
|
|
||||||
of the Licensed Work, are subject to this License. This License applies
|
|
||||||
separately for each version of the Licensed Work and the Change Date may vary
|
|
||||||
for each version of the Licensed Work released by Licensor.
|
|
||||||
|
|
||||||
You must conspicuously display this License on each original or modified copy
|
|
||||||
of the Licensed Work. If you receive the Licensed Work in original or
|
|
||||||
modified form from a third party, the terms and conditions set forth in this
|
|
||||||
License apply to your use of that work.
|
|
||||||
|
|
||||||
Any use of the Licensed Work in violation of this License will automatically
|
|
||||||
terminate your rights under this License for the current and all other
|
|
||||||
versions of the Licensed Work.
|
|
||||||
|
|
||||||
This License does not grant you any right in any trademark or logo of
|
|
||||||
Licensor or its affiliates (provided that you may use a trademark or logo of
|
|
||||||
Licensor as expressly required by this License).
|
|
||||||
|
|
||||||
TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
|
|
||||||
AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
|
|
||||||
EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
|
|
||||||
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
|
|
||||||
TITLE.
|
|
||||||
|
|
||||||
MariaDB hereby grants you permission to use this License’s text to license
|
|
||||||
your works, and to refer to it using the trademark “Business Source License”,
|
|
||||||
as long as you comply with the Covenants of Licensor below.
|
|
||||||
|
|
||||||
Covenants of Licensor
|
|
||||||
|
|
||||||
In consideration of the right to use this License’s text and the “Business
|
|
||||||
Source License” name and trademark, Licensor covenants to MariaDB, and to all
|
|
||||||
other recipients of the licensed work to be provided by Licensor:
|
|
||||||
|
|
||||||
1. To specify as the Change License the GPL Version 2.0 or any later version,
|
|
||||||
or a license that is compatible with GPL Version 2.0 or a later version,
|
|
||||||
where “compatible” means that software provided under the Change License can
|
|
||||||
be included in a program with software provided under GPL Version 2.0 or a
|
|
||||||
later version. Licensor may specify additional Change Licenses without
|
|
||||||
limitation.
|
|
||||||
|
|
||||||
2. To either: (a) specify an additional grant of rights to use that does not
|
|
||||||
impose any additional restriction on the right granted in this License, as
|
|
||||||
the Additional Use Grant; or (b) insert the text “None”.
|
|
||||||
|
|
||||||
3. To specify a Change Date.
|
|
||||||
|
|
||||||
4. Not to modify this License in any other way.
|
|
|
@ -1,27 +0,0 @@
|
||||||
# README
|
|
||||||
|
|
||||||
## General Info
|
|
||||||
|
|
||||||
TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
|
|
||||||
However only installations using the TrueNAS SCALE Apps system are supported.
|
|
||||||
|
|
||||||
For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
|
|
||||||
|
|
||||||
**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
|
|
||||||
|
|
||||||
|
|
||||||
## Support
|
|
||||||
|
|
||||||
- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
|
|
||||||
- See the [Website](https://truecharts.org)
|
|
||||||
- Check our [Discord](https://discord.gg/tVsPTHWTtr)
|
|
||||||
- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## Sponsor TrueCharts
|
|
||||||
|
|
||||||
TrueCharts can only exist due to the incredible effort of our staff.
|
|
||||||
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
|
|
||||||
|
|
||||||
*All Rights Reserved - The TrueCharts Project*
|
|
|
@ -1,9 +0,0 @@
|
||||||
|
|
||||||
|
|
||||||
## [cert-manager-1.0.37](https://github.com/truecharts/charts/compare/cert-manager-1.0.36...cert-manager-1.0.37) (2023-05-27)
|
|
||||||
|
|
||||||
### Chore
|
|
||||||
|
|
||||||
- update helm general non-major ([#9197](https://github.com/truecharts/charts/issues/9197))
|
|
||||||
|
|
||||||
|
|
|
@ -1,8 +0,0 @@
|
||||||
Certificate management for Kubernetes
|
|
||||||
|
|
||||||
This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/cert-manager](https://truecharts.org/charts/enterprise/cert-manager)
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
TrueCharts can only exist due to the incredible effort of our staff.
|
|
||||||
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
|
|
Binary file not shown.
File diff suppressed because it is too large
Load Diff
|
@ -1,80 +0,0 @@
|
||||||
image:
|
|
||||||
repository: tccr.io/truecharts/scratch
|
|
||||||
tag: latest@sha256:9dd0f68d32ace452a3a75273bd8e3a074d0a14e4d38683389c73887432832fc3
|
|
||||||
pullPolicy: IfNotPresent
|
|
||||||
manifestManager:
|
|
||||||
enabled: true
|
|
||||||
workload:
|
|
||||||
main:
|
|
||||||
enabled: false
|
|
||||||
podSpec:
|
|
||||||
containers:
|
|
||||||
main:
|
|
||||||
enabled: false
|
|
||||||
probes:
|
|
||||||
liveness:
|
|
||||||
enabled: false
|
|
||||||
readiness:
|
|
||||||
enabled: false
|
|
||||||
startup:
|
|
||||||
enabled: false
|
|
||||||
|
|
||||||
service:
|
|
||||||
main:
|
|
||||||
enabled: false
|
|
||||||
ports:
|
|
||||||
main:
|
|
||||||
enabled: false
|
|
||||||
port: 9999
|
|
||||||
|
|
||||||
portal:
|
|
||||||
open:
|
|
||||||
enabled: false
|
|
||||||
|
|
||||||
clusterIssuer:
|
|
||||||
selfSigned:
|
|
||||||
enabled: true
|
|
||||||
name: "selfsigned"
|
|
||||||
CA: []
|
|
||||||
# - name: myca
|
|
||||||
# selfSigned: true
|
|
||||||
# selfSignedCommonName: "my-selfsigned-ca"
|
|
||||||
# # Used to manually define a CA-crt not used when selfSigned is enabled
|
|
||||||
# crt: ""
|
|
||||||
# key: ""
|
|
||||||
# # TODO: Add option to use SCALE CA certs
|
|
||||||
|
|
||||||
ACME: []
|
|
||||||
# - name: letsencrypt
|
|
||||||
# # Used for both logging in to the DNS provider AND ACME registration
|
|
||||||
# email: ""
|
|
||||||
# server: 'https://acme-staging-v02.api.letsencrypt.org/directory'
|
|
||||||
# # Used primarily for the SCALE GUI
|
|
||||||
# customServer: 'https://acme-staging-v02.api.letsencrypt.org/directory'
|
|
||||||
# email: ""
|
|
||||||
# # Options: HTTP01, cloudflare, route53
|
|
||||||
# type: ""
|
|
||||||
# # for cloudflare
|
|
||||||
# cfapikey: ""
|
|
||||||
# cfapitoken: ""
|
|
||||||
# # for route53
|
|
||||||
# region: ""
|
|
||||||
# accessKeyID: ""
|
|
||||||
# route53SecretAccessKey: ""
|
|
||||||
# # optional for route53
|
|
||||||
# role: ""
|
|
||||||
# # for akamai
|
|
||||||
# serviceConsumerDomain: ""
|
|
||||||
# akclientToken: ""
|
|
||||||
# akclientSecret: ""
|
|
||||||
# akaccessToken: ""
|
|
||||||
# # for digitalocean
|
|
||||||
# doaccessToken: ""
|
|
||||||
# # for rfc2136
|
|
||||||
# nameserver: ""
|
|
||||||
# tsigKeyName: ""
|
|
||||||
# tsigAlgorithm: ""
|
|
||||||
# rfctsigSecret: ""
|
|
||||||
|
|
||||||
customMetrics:
|
|
||||||
enabled: true
|
|
|
@ -1,327 +0,0 @@
|
||||||
groups:
|
|
||||||
- name: Container Image
|
|
||||||
description: Image to be used for container
|
|
||||||
- name: General Settings
|
|
||||||
description: General Deployment Settings
|
|
||||||
- name: Workload Settings
|
|
||||||
description: Workload Settings
|
|
||||||
- name: App Configuration
|
|
||||||
description: App Specific Config Options
|
|
||||||
- name: Networking and Services
|
|
||||||
description: Configure Network and Services for Container
|
|
||||||
- name: Storage and Persistence
|
|
||||||
description: Persist and Share Data that is Separate from the Container
|
|
||||||
- name: Ingress
|
|
||||||
description: Ingress Configuration
|
|
||||||
- name: Security and Permissions
|
|
||||||
description: Configure Security Context and Permissions
|
|
||||||
- name: Resources and Devices
|
|
||||||
description: "Specify Resources/Devices to be Allocated to Workload"
|
|
||||||
- name: Middlewares
|
|
||||||
description: Traefik Middlewares
|
|
||||||
- name: Metrics
|
|
||||||
description: Metrics
|
|
||||||
- name: Addons
|
|
||||||
description: Addon Configuration
|
|
||||||
- name: Advanced
|
|
||||||
description: Advanced Configuration
|
|
||||||
- name: Postgresql
|
|
||||||
description: Postgresql
|
|
||||||
- name: Documentation
|
|
||||||
description: Documentation
|
|
||||||
questions:
|
|
||||||
- variable: global
|
|
||||||
group: General Settings
|
|
||||||
label: "Global Settings"
|
|
||||||
schema:
|
|
||||||
additional_attrs: true
|
|
||||||
type: dict
|
|
||||||
attrs:
|
|
||||||
- variable: stopAll
|
|
||||||
label: Stop All
|
|
||||||
description: "Stops All Running pods and hibernates cnpg"
|
|
||||||
schema:
|
|
||||||
type: boolean
|
|
||||||
default: false
|
|
||||||
- variable: clusterIssuer
|
|
||||||
group: App Configuration
|
|
||||||
label: Cluster Certificate Issuer
|
|
||||||
schema:
|
|
||||||
additional_attrs: true
|
|
||||||
type: dict
|
|
||||||
attrs:
|
|
||||||
- variable: ACME
|
|
||||||
label: 'ACME Issuer'
|
|
||||||
schema:
|
|
||||||
type: list
|
|
||||||
default: []
|
|
||||||
items:
|
|
||||||
- variable: ACMEEntry
|
|
||||||
label: 'ACME Issuer Entry'
|
|
||||||
schema:
|
|
||||||
additional_attrs: true
|
|
||||||
type: dict
|
|
||||||
attrs:
|
|
||||||
- variable: name
|
|
||||||
label: Name
|
|
||||||
description: "Name to give the issuer"
|
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
required: true
|
|
||||||
valid_chars: '^[a-z]+(-?[a-z]){0,63}-?[a-z]+$'
|
|
||||||
default: ""
|
|
||||||
- variable: type
|
|
||||||
label: Type or DNS-Provider
|
|
||||||
description: DNS Provider
|
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
default: cloudflare
|
|
||||||
enum:
|
|
||||||
- value: cloudflare
|
|
||||||
description: Cloudflare
|
|
||||||
- value: route53
|
|
||||||
description: Route53
|
|
||||||
- value: akamai
|
|
||||||
description: Akamai
|
|
||||||
- value: digitalocean
|
|
||||||
description: Digitalocean
|
|
||||||
- value: rfc2136
|
|
||||||
description: rfc2136 (Advanced)
|
|
||||||
- value: HTTP01
|
|
||||||
description: HTTP01 (Experimental)
|
|
||||||
- variable: server
|
|
||||||
label: Server
|
|
||||||
description: "Server for ACME, for example: letsencrypt"
|
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
show_if: [["type", "!=", "HTTP01"]]
|
|
||||||
default: 'Letsencrypt-Production'
|
|
||||||
enum:
|
|
||||||
- value: 'https://acme-v02.api.letsencrypt.org/directory'
|
|
||||||
description: Letsencrypt-Production
|
|
||||||
- value: 'https://acme-staging-v02.api.letsencrypt.org/directory'
|
|
||||||
description: Letsencrypt-Staging
|
|
||||||
- value: 'https://api.buypass.no/acme-v02/directory'
|
|
||||||
description: BuyPass-Production
|
|
||||||
- value: 'https://api.test4.buypass.no/acme-v02/directory'
|
|
||||||
description: BuyPass-Staging
|
|
||||||
- value: custom
|
|
||||||
description: Custom
|
|
||||||
- variable: customServer
|
|
||||||
label: Custom ACME Server (Advanced)
|
|
||||||
description: "This can be used to enter your own custom ACME server"
|
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
show_if: [["server", "=", "custom"]]
|
|
||||||
default: 'https://acme-staging-v02.api.letsencrypt.org/directory'
|
|
||||||
- variable: email
|
|
||||||
label: Email
|
|
||||||
description: "Email adress to use for certificate issuing must match your DNS provider email when required"
|
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
required: true
|
|
||||||
show_if: [["type", "!=", "HTTP01"]]
|
|
||||||
default: "something@example.com"
|
|
||||||
- variable: cfapikey
|
|
||||||
label: CloudFlare API key
|
|
||||||
description: "CloudFlare API Key"
|
|
||||||
schema:
|
|
||||||
show_if: [["type", "=", "cloudflare"]]
|
|
||||||
type: string
|
|
||||||
default: ""
|
|
||||||
- variable: cfapitoken
|
|
||||||
label: CloudFlare API Token
|
|
||||||
description: "CloudFlare API Token"
|
|
||||||
schema:
|
|
||||||
show_if: [["type", "=", "cloudflare"]]
|
|
||||||
type: string
|
|
||||||
default: ""
|
|
||||||
- variable: region
|
|
||||||
label: Route53 Region
|
|
||||||
description: "Route 53 Region"
|
|
||||||
schema:
|
|
||||||
show_if: [["type", "=", "route53"]]
|
|
||||||
type: string
|
|
||||||
required: true
|
|
||||||
default: "us-west-1"
|
|
||||||
- variable: accessKeyID
|
|
||||||
label: Route53 accessKeyID
|
|
||||||
description: "Route53 accessKeyID"
|
|
||||||
schema:
|
|
||||||
show_if: [["type", "=", "route53"]]
|
|
||||||
type: string
|
|
||||||
required: true
|
|
||||||
default: ""
|
|
||||||
- variable: route53SecretAccessKey
|
|
||||||
label: Route53 Secret Access Key
|
|
||||||
description: "Route53 Secret Access Key"
|
|
||||||
schema:
|
|
||||||
show_if: [["type", "=", "route53"]]
|
|
||||||
type: string
|
|
||||||
required: true
|
|
||||||
default: ""
|
|
||||||
- variable: role
|
|
||||||
label: Route53 Role (optional)
|
|
||||||
description: "Route53 Role"
|
|
||||||
schema:
|
|
||||||
show_if: [["type", "=", "route53"]]
|
|
||||||
type: string
|
|
||||||
default: ""
|
|
||||||
- variable: serviceConsumerDomain
|
|
||||||
label: Akamai Service Consumer Domain
|
|
||||||
description: "Akamai Service Consumer Domain"
|
|
||||||
schema:
|
|
||||||
show_if: [["type", "=", "akamai"]]
|
|
||||||
type: string
|
|
||||||
required: true
|
|
||||||
default: ""
|
|
||||||
- variable: akclientToken
|
|
||||||
label: Akamai Client Token
|
|
||||||
description: "Client Token"
|
|
||||||
schema:
|
|
||||||
show_if: [["type", "=", "akamai"]]
|
|
||||||
type: string
|
|
||||||
required: true
|
|
||||||
default: ""
|
|
||||||
- variable: akclientSecret
|
|
||||||
label: Akamai Client Secret
|
|
||||||
description: "Akamai Client Secret"
|
|
||||||
schema:
|
|
||||||
show_if: [["type", "=", "akamai"]]
|
|
||||||
type: string
|
|
||||||
required: true
|
|
||||||
default: ""
|
|
||||||
- variable: akaccessToken
|
|
||||||
label: Akamai Access Token
|
|
||||||
description: "Akamai Access Token"
|
|
||||||
schema:
|
|
||||||
show_if: [["type", "=", "akamai"]]
|
|
||||||
type: string
|
|
||||||
required: true
|
|
||||||
default: ""
|
|
||||||
- variable: doaccessToken
|
|
||||||
label: Digitalocean Access Token
|
|
||||||
description: "Digitalocean Access Token"
|
|
||||||
schema:
|
|
||||||
show_if: [["type", "=", "digitalocean"]]
|
|
||||||
type: string
|
|
||||||
required: true
|
|
||||||
default: ""
|
|
||||||
- variable: nameserver
|
|
||||||
label: rfc2136 Namesever
|
|
||||||
description: "rfc2136 Namesever"
|
|
||||||
schema:
|
|
||||||
show_if: [["type", "=", "rfc2136"]]
|
|
||||||
type: string
|
|
||||||
required: true
|
|
||||||
default: ""
|
|
||||||
- variable: tsigKeyName
|
|
||||||
label: rfc2136 tsig Key Name
|
|
||||||
description: "rfc2136 tsig Key Name"
|
|
||||||
schema:
|
|
||||||
show_if: [["type", "=", "rfc2136"]]
|
|
||||||
type: string
|
|
||||||
required: true
|
|
||||||
default: ""
|
|
||||||
- variable: tsigAlgorithm
|
|
||||||
label: rfc2136 tsig Algorithm
|
|
||||||
description: "rfc2136 tsig Algorithm"
|
|
||||||
schema:
|
|
||||||
show_if: [["type", "=", "rfc2136"]]
|
|
||||||
type: string
|
|
||||||
required: true
|
|
||||||
default: ""
|
|
||||||
- variable: rfctsigSecret
|
|
||||||
label: rfc2136 sig Secret
|
|
||||||
description: "rfc2136 sig Secret"
|
|
||||||
schema:
|
|
||||||
show_if: [["type", "=", "rfc2136"]]
|
|
||||||
type: string
|
|
||||||
required: true
|
|
||||||
default: ""
|
|
||||||
|
|
||||||
- variable: CA
|
|
||||||
label: Certificate Authority Issuer
|
|
||||||
schema:
|
|
||||||
type: list
|
|
||||||
default: []
|
|
||||||
items:
|
|
||||||
- variable: CAEntry
|
|
||||||
label: 'CA Issuer Entry'
|
|
||||||
schema:
|
|
||||||
additional_attrs: true
|
|
||||||
type: dict
|
|
||||||
attrs:
|
|
||||||
- variable: name
|
|
||||||
label: Name
|
|
||||||
description: "Name to give the issuer"
|
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
required: true
|
|
||||||
valid_chars: '^[a-z]+(-?[a-z]){0,63}-?[a-z]+$'
|
|
||||||
default: ""
|
|
||||||
- variable: selfSigned
|
|
||||||
label: selfSigned
|
|
||||||
description: "Create Self Signed CA cert"
|
|
||||||
schema:
|
|
||||||
type: boolean
|
|
||||||
default: true
|
|
||||||
- variable: selfSignedCommonName
|
|
||||||
label: selfSigned CommonName
|
|
||||||
description: "Common name for selfSigned Certiticate Authority"
|
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
required: true
|
|
||||||
show_if: [["selfSigned", "=", "true"]]
|
|
||||||
default: "my-selfsigned-ca"
|
|
||||||
- variable: crt
|
|
||||||
label: "Custom CA cert (experimental)"
|
|
||||||
description: "certificate for Certiticate Authority"
|
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
required: true
|
|
||||||
show_if: [["selfSigned", "=", "false"]]
|
|
||||||
default: ""
|
|
||||||
- variable: key
|
|
||||||
label: "Custom CA key (experimental)"
|
|
||||||
description: "key Certiticate Authority"
|
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
required: true
|
|
||||||
show_if: [["selfSigned", "=", "false"]]
|
|
||||||
default: ""
|
|
||||||
|
|
||||||
- variable: selfSigned
|
|
||||||
label: 'SelfSigned Issuer'
|
|
||||||
schema:
|
|
||||||
additional_attrs: true
|
|
||||||
type: dict
|
|
||||||
attrs:
|
|
||||||
- variable: enabled
|
|
||||||
label: enabled
|
|
||||||
description: "Enable self-signed issuer"
|
|
||||||
schema:
|
|
||||||
type: boolean
|
|
||||||
default: true
|
|
||||||
- variable: name
|
|
||||||
label: Name
|
|
||||||
description: "Name to give the issuer"
|
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
required: true
|
|
||||||
valid_chars: '^[a-z]+(-?[a-z]){0,63}-?[a-z]+$'
|
|
||||||
default: "selfsigned"
|
|
||||||
|
|
||||||
- variable: customMetrics
|
|
||||||
group: Metrics
|
|
||||||
label: Prometheus Metrics
|
|
||||||
schema:
|
|
||||||
additional_attrs: true
|
|
||||||
type: dict
|
|
||||||
attrs:
|
|
||||||
- variable: enabled
|
|
||||||
label: Enabled
|
|
||||||
description: Enable Prometheus Metrics
|
|
||||||
schema:
|
|
||||||
type: boolean
|
|
||||||
default: true
|
|
|
@ -1 +0,0 @@
|
||||||
{{- include "tc.v1.common.lib.chart.notes" $ -}}
|
|
|
@ -1,26 +0,0 @@
|
||||||
{{- define "certmanager.metrics" -}}
|
|
||||||
{{- if .Values.customMetrics.enabled }}
|
|
||||||
---
|
|
||||||
apiVersion: monitoring.coreos.com/v1
|
|
||||||
kind: PodMonitor
|
|
||||||
metadata:
|
|
||||||
name: cert-manager
|
|
||||||
namespace: cert-manager
|
|
||||||
labels:
|
|
||||||
app: cert-manager
|
|
||||||
app.kubernetes.io/name: cert-manager
|
|
||||||
app.kubernetes.io/instance: cert-manager
|
|
||||||
app.kubernetes.io/component: "controller"
|
|
||||||
spec:
|
|
||||||
jobLabel: app.kubernetes.io/name
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
app: cert-manager
|
|
||||||
app.kubernetes.io/name: cert-manager
|
|
||||||
app.kubernetes.io/instance: cert-manager
|
|
||||||
app.kubernetes.io/component: "controller"
|
|
||||||
podMetricsEndpoints:
|
|
||||||
- port: http
|
|
||||||
honorLabels: true
|
|
||||||
{{- end }}
|
|
||||||
{{- end -}}
|
|
|
@ -1,96 +0,0 @@
|
||||||
{{- define "certmanager.clusterissuer.acme" -}}
|
|
||||||
{{- range .Values.clusterIssuer.ACME }}
|
|
||||||
{{- if not (mustRegexMatch "^[a-z]+(-?[a-z]){0,63}-?[a-z]+$" .name) -}}
|
|
||||||
{{- fail "ACME - Expected name to be all lowercase with hyphens, but not start or end with a hyphen" -}}
|
|
||||||
{{- end -}}
|
|
||||||
{{- $validTypes := list "HTTP01" "cloudflare" "route53" "digitalocean" "akamai" "rfc2136" -}}
|
|
||||||
{{- if not (mustHas .type $validTypes) -}}
|
|
||||||
{{- fail (printf "Expected ACME type to be one of [%s], but got [%s]" (join ", " $validTypes) .type) -}}
|
|
||||||
{{- end -}}
|
|
||||||
{{- $issuerSecretName := printf "%s-clusterissuer-secret" .name }}
|
|
||||||
---
|
|
||||||
apiVersion: cert-manager.io/v1
|
|
||||||
kind: ClusterIssuer
|
|
||||||
metadata:
|
|
||||||
name: {{ .name }}
|
|
||||||
spec:
|
|
||||||
acme:
|
|
||||||
email: {{ .email }}
|
|
||||||
server: {{ if eq .server "custom" }}{{ .customServer }}{{ else }}{{ .server }}{{ end }}
|
|
||||||
privateKeySecretRef:
|
|
||||||
name: {{ .name }}-acme-clusterissuer-account-key
|
|
||||||
solvers:
|
|
||||||
{{- if eq .type "HTTP01" }}
|
|
||||||
- http01:
|
|
||||||
ingress:
|
|
||||||
{{- else }}
|
|
||||||
- dns01:
|
|
||||||
{{- if eq .type "cloudflare" }}
|
|
||||||
cloudflare:
|
|
||||||
email: {{ .email }}
|
|
||||||
{{- if .cfapitoken }}
|
|
||||||
apiTokenSecretRef:
|
|
||||||
name: {{ $issuerSecretName }}
|
|
||||||
key: cf-api-token
|
|
||||||
{{- else if .cfapikey }}
|
|
||||||
apiKeySecretRef:
|
|
||||||
name: {{ $issuerSecretName }}
|
|
||||||
key: cf-api-key
|
|
||||||
{{- else -}}
|
|
||||||
{{- fail "A cloudflare API key or token is required" -}}
|
|
||||||
{{- end -}}
|
|
||||||
{{- else if eq .type "route53" }}
|
|
||||||
route53:
|
|
||||||
region: {{ .region }}
|
|
||||||
accessKeyID: {{ .accessKeyID }}
|
|
||||||
{{- if .role }}
|
|
||||||
role: {{ .role }}
|
|
||||||
{{- end }}
|
|
||||||
secretAccessKeySecretRef:
|
|
||||||
name: {{ $issuerSecretName }}
|
|
||||||
key: route53-secret-access-key
|
|
||||||
{{- else if eq .type "akamai" }}
|
|
||||||
akamai:
|
|
||||||
serviceConsumerDomain: {{ .serviceConsumerDomain }}
|
|
||||||
clientTokenSecretRef:
|
|
||||||
name: {{ $issuerSecretName }}
|
|
||||||
key: akclientToken
|
|
||||||
clientSecretSecretRef:
|
|
||||||
name: {{ $issuerSecretName }}
|
|
||||||
key: akclientSecret
|
|
||||||
accessTokenSecretRef:
|
|
||||||
name: {{ $issuerSecretName }}
|
|
||||||
key: akaccessToken
|
|
||||||
{{- else if eq .type "digitalocean" }}
|
|
||||||
digitalocean:
|
|
||||||
tokenSecretRef:
|
|
||||||
name: {{ $issuerSecretName }}
|
|
||||||
key: doaccessToken
|
|
||||||
{{- else if eq .type "rfc2136" }}
|
|
||||||
rfc2136:
|
|
||||||
nameserver: {{ .nameserver }}
|
|
||||||
tsigKeyName: {{ .tsigKeyName }}
|
|
||||||
tsigAlgorithm: {{ .tsigAlgorithm }}
|
|
||||||
tsigSecretSecretRef:
|
|
||||||
name: {{ $issuerSecretName }}
|
|
||||||
key: rfctsigSecret
|
|
||||||
{{- end -}}
|
|
||||||
{{- end }}
|
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
kind: Secret
|
|
||||||
metadata:
|
|
||||||
namespace: cert-manager
|
|
||||||
name: {{ $issuerSecretName }}
|
|
||||||
type: Opaque
|
|
||||||
stringData:
|
|
||||||
cf-api-token: {{ .cfapitoken | default "" }}
|
|
||||||
cf-api-key: {{ .cfapikey | default "" }}
|
|
||||||
route53-secret-access-key: {{ .route53SecretAccessKey | default "" }}
|
|
||||||
akclientToken: {{ .akclientToken | default "" }}
|
|
||||||
akclientSecret: {{ .akclientSecret | default "" }}
|
|
||||||
akaccessToken: {{ .akaccessToken | default "" }}
|
|
||||||
doaccessToken: {{ .doaccessToken | default "" }}
|
|
||||||
rfctsigSecret: {{ .rfctsigSecret | default "" }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end -}}
|
|
|
@ -1,51 +0,0 @@
|
||||||
{{- define "certmanager.clusterissuer.ca" -}}
|
|
||||||
{{- range .Values.clusterIssuer.CA }}
|
|
||||||
{{- if not (mustRegexMatch "^[a-z]+(-?[a-z]){0,63}-?[a-z]+$" .name) -}}
|
|
||||||
{{- fail "CA - Expected name to be all lowercase with hyphens, but not start or end with a hyphen" -}}
|
|
||||||
{{- end -}}
|
|
||||||
{{- if .selfSigned }}
|
|
||||||
---
|
|
||||||
apiVersion: cert-manager.io/v1
|
|
||||||
kind: ClusterIssuer
|
|
||||||
metadata:
|
|
||||||
name: {{ .name }}-selfsigned-ca-issuer
|
|
||||||
spec:
|
|
||||||
selfSigned: {}
|
|
||||||
---
|
|
||||||
apiVersion: cert-manager.io/v1
|
|
||||||
kind: Certificate
|
|
||||||
metadata:
|
|
||||||
name: {{ .name }}-selfsigned-ca
|
|
||||||
namespace: cert-manager
|
|
||||||
spec:
|
|
||||||
isCA: true
|
|
||||||
commonName: {{ .selfSignedCommonName }}
|
|
||||||
secretName: {{ .name }}-ca
|
|
||||||
privateKey:
|
|
||||||
algorithm: ECDSA
|
|
||||||
size: 256
|
|
||||||
issuerRef:
|
|
||||||
name: selfsigned-ca-issuer
|
|
||||||
kind: ClusterIssuer
|
|
||||||
group: cert-manager.io
|
|
||||||
{{- else }}
|
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
kind: Secret
|
|
||||||
metadata:
|
|
||||||
name: {{ .name }}-ca
|
|
||||||
namespace: cert-manager
|
|
||||||
data:
|
|
||||||
tls.crt: {{ .crt | b64enc }}
|
|
||||||
tls.key: {{ .key | b64enc }}
|
|
||||||
{{- end }}
|
|
||||||
---
|
|
||||||
apiVersion: cert-manager.io/v1
|
|
||||||
kind: ClusterIssuer
|
|
||||||
metadata:
|
|
||||||
name: {{ .name }}
|
|
||||||
spec:
|
|
||||||
ca:
|
|
||||||
secretName: {{ .name }}-ca
|
|
||||||
{{- end }}
|
|
||||||
{{- end -}}
|
|
|
@ -1,14 +0,0 @@
|
||||||
{{- define "certmanager.clusterissuer.selfsigned" -}}
|
|
||||||
{{- if .Values.clusterIssuer.selfSigned.enabled -}}
|
|
||||||
{{- if not (mustRegexMatch "^[a-z]+(-?[a-z]){0,63}-?[a-z]+$" .Values.clusterIssuer.selfSigned.name) -}}
|
|
||||||
{{- fail "Self Singed Issuer - Expected name to be all lowercase with hyphens, but not start or end with a hyphen" -}}
|
|
||||||
{{- end }}
|
|
||||||
---
|
|
||||||
apiVersion: cert-manager.io/v1
|
|
||||||
kind: ClusterIssuer
|
|
||||||
metadata:
|
|
||||||
name: {{ .Values.clusterIssuer.selfSigned.name }}
|
|
||||||
spec:
|
|
||||||
selfSigned: {}
|
|
||||||
{{- end }}
|
|
||||||
{{- end -}}
|
|
|
@ -1,10 +0,0 @@
|
||||||
{{/* Make sure all variables are set properly */}}
|
|
||||||
{{- include "tc.v1.common.loader.init" . }}
|
|
||||||
|
|
||||||
{{/* Render the templates */}}
|
|
||||||
{{ include "tc.v1.common.loader.apply" . }}
|
|
||||||
|
|
||||||
{{- include "certmanager.clusterissuer.acme" . }}
|
|
||||||
{{- include "certmanager.clusterissuer.selfsigned" . }}
|
|
||||||
{{- include "certmanager.clusterissuer.ca" . }}
|
|
||||||
{{- include "certmanager.metrics" . }}
|
|
|
@ -1,4 +0,0 @@
|
||||||
icon_url: https://truecharts.org/img/hotlink-ok/chart-icons/cert-manager.png
|
|
||||||
categories:
|
|
||||||
- core
|
|
||||||
|
|
Loading…
Reference in New Issue