Commit new Chart releases for TrueCharts

Signed-off-by: TrueCharts-Bot <bot@truecharts.org>

enterprise/clusterissuer/4.1.4/app-changelog.md

@@ -1,9 +0,0 @@
-
-
-## [clusterissuer-4.1.4](https://github.com/truecharts/charts/compare/clusterissuer-4.1.3...clusterissuer-4.1.4) (2023-10-27)
-
-### Fix
-
-- fix malformed yaml output ([#14028](https://github.com/truecharts/charts/issues/14028))
-  
-  

enterprise/clusterissuer/4.2.0/CHANGELOG.md

@@ -4,6 +4,19 @@
 
 
 
+## [clusterissuer-4.2.0](https://github.com/truecharts/charts/compare/clusterissuer-4.1.4...clusterissuer-4.2.0) (2023-10-28)
+
+### Chore
+
+- Fix typo in categories and make them singular ([#13693](https://github.com/truecharts/charts/issues/13693))
+  
+  ### Feat
+
+- Add ability to create cluster-wide certificates ([#13852](https://github.com/truecharts/charts/issues/13852))
+  
+  
+
+
 ## [clusterissuer-4.1.4](https://github.com/truecharts/charts/compare/clusterissuer-4.1.3...clusterissuer-4.1.4) (2023-10-27)
 
 ### Fix
@@ -84,16 +97,3 @@
 - update helm general non-major ([#11034](https://github.com/truecharts/charts/issues/11034))
   
   
-
-
-## [clusterissuer-3.0.1](https://github.com/truecharts/charts/compare/clusterissuer-3.0.0...clusterissuer-3.0.1) (2023-07-26)
-
-### Fix
-
-- fix `issuerRef` for self-signed CAs ([#10847](https://github.com/truecharts/charts/issues/10847))
-  
-  
-
-
-## [clusterissuer-3.0.0](https://github.com/truecharts/charts/compare/clusterissuer-2.0.1...clusterissuer-3.0.0) (2023-07-25)
-

enterprise/clusterissuer/4.2.0/Chart.yaml

@@ -10,7 +10,7 @@ keywords:
 dependencies:
   - name: common
     repository: https://library-charts.truecharts.org
-    version: 14.0.9
+    version: 14.1.0
 kubeVersion: ">=1.16.0-0"
 maintainers:
   - email: info@truecharts.org
@@ -21,9 +21,8 @@ sources:
   - https://github.com/truecharts/charts/tree/master/charts/enterprise/clusterissuer
   - https://cert-manager.io/
 type: application
-version: 4.1.4
+version: 4.2.0
 annotations:
-  truecharts.org/catagories: |
-    - core
+  truecharts.org/category: core
   truecharts.org/SCALE-support: "true"
   truecharts.org/grade: U

enterprise/clusterissuer/4.2.0/app-changelog.md

@@ -0,0 +1,13 @@
+
+
+## [clusterissuer-4.2.0](https://github.com/truecharts/charts/compare/clusterissuer-4.1.4...clusterissuer-4.2.0) (2023-10-28)
+
+### Chore
+
+- Fix typo in categories and make them singular ([#13693](https://github.com/truecharts/charts/issues/13693))
+  
+  ### Feat
+
+- Add ability to create cluster-wide certificates ([#13852](https://github.com/truecharts/charts/issues/13852))
+  
+  

enterprise/clusterissuer/4.2.0/ix_values.yaml

@@ -94,3 +94,15 @@ clusterIssuer:
 #         fulldomain: ""
 #         subdomain: ""
 #         allowFrom: []
+
+clusterCertificates:
+  # Namespaces in which the certificates must be available
+  # Accepts comma-separated regex expressions
+  # replicationNamespaces: 'ix-.*'
+  certificates: []
+  # - name: mycert
+  #   enabled: true
+  #   certificateIssuer: selfsigned
+  #   hosts:
+  #     - my.domain.com
+  #     - '*.my.domain.com'

enterprise/clusterissuer/4.2.0/questions.yaml

@@ -371,6 +371,53 @@ questions:
                   valid_chars: '^[a-z]+(-?[a-z]){0,63}-?[a-z]+$'
                   default: "selfsigned"
 
+  - variable: clusterCertificates
+    group: App Configuration
+    label: Cluster Wide Certificates (Experimental)
+    description: "Creates certificates for use within the entire cluster. Can be used to create wildcard certificates."
+    schema:
+      additional_attrs: true
+      type: dict
+      attrs:
+        - variable: certificates
+          label: Cluster Certificates
+          schema:
+            type: list
+            default: []
+            items:
+              - variable: enabled
+                label: Enabled
+                schema:
+                  type: boolean
+                  default: true
+              - variable: name
+                label: Certificate Name
+                schema:
+                  type: string
+                  required: true
+                  default: ""
+              - variable: certificateIssuer
+                label: Cert-Manager clusterIssuer
+                description: "One of the Cert-Manager clusterIssuers defined above"
+                schema:
+                  type: string
+                  required: true
+                  valid_chars: '^[a-z]+(-?[a-z]){0,63}-?[a-z]+$'
+                  default: "selfsigned"
+              - variable: hosts
+                label: Certificate Hosts
+                description: "NOTE: Creation of wildcard certificates with an ACME issuer requires a DNSO1 solver to be set up."
+                schema:
+                  type: list
+                  default: []
+                  items:
+                    - variable: host
+                      label: Host
+                      schema:
+                        type: string
+                        default: ""
+                        required: true
+
   - variable: customMetrics
     group: Metrics
     label: Prometheus Metrics

enterprise/clusterissuer/4.2.0/templates/clusterissuer/_clusterCertificates.tpl

@@ -0,0 +1,35 @@
+{{- define "certmanager.clusterissuer.clusterCertificates" -}}
+  {{- if .Values.clusterCertificates -}}
+    {{- $certs := dict -}}
+    {{- $secretTemplates := dict -}}
+    {{- $certNamespace := (include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $ "objectData" $certs "caller" "ClusterCertificates")) -}}
+  {{- $replicationNamespaces := ".*" -}}
+  {{- if .Values.clusterCertificates.replicationNamespaces -}}
+    {{- $replicationNamespaces = .Values.clusterCertificates.replicationNamespaces -}}
+  {{- else if .Values.ixChartContext -}}
+    {{- $replicationNamespaces = "ix-.*" -}}
+  {{- end -}}
+    {{- $reflectorAnnotations := (dict
+        "reflector.v1.k8s.emberstack.com/reflection-allowed" "true"
+        "reflector.v1.k8s.emberstack.com/reflection-auto-enabled" "true"
+        "reflector.v1.k8s.emberstack.com/reflection-allowed-namespaces" (printf "%v,%v" $certNamespace $replicationNamespaces)
+        "reflector.v1.k8s.emberstack.com/reflection-auto-namespaces" $replicationNamespaces ) -}}
+    {{- $certAnnotations := (mustMerge ($reflectorAnnotations) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}}
+
+    {{- $_ := set $secretTemplates "annotations" $certAnnotations -}}
+
+    {{- range .Values.clusterCertificates.certificates -}}
+      {{- $_ := set $certs .name dict -}}
+      {{- $currentCert := (index $certs (.name)) -}}
+      {{- $_ := set $currentCert "enabled" .enabled -}}
+      {{- $_ := set $currentCert "nameOverride" .name -}}
+      {{- $_ := set $currentCert "hosts" .hosts -}}
+      {{- $_ := set $currentCert "certificateIssuer" .certificateIssuer -}}
+      {{- $_ := set $currentCert "secretTemplate" $secretTemplates -}}
+    {{- end -}}
+
+  {{- $_ := set .Values "cert" $certs -}}
+  {{/* Render the ClusterWide Certificate(s) */}}
+  {{- include "tc.v1.common.spawner.certificate" . | nindent 0 -}}
+  {{- end -}}
+{{- end -}}

enterprise/clusterissuer/4.2.0/templates/common.yaml

@@ -7,3 +7,8 @@
 {{- include "certmanager.clusterissuer.acme" . }}
 {{- include "certmanager.clusterissuer.selfsigned" . }}
 {{- include "certmanager.clusterissuer.ca" . }}
+
+{{/* Must be called after the initial loader.apply template,
+     because it overrides .Values.cert in order to generate
+     the additional cluster-wide certificates */}}
+{{- include "certmanager.clusterissuer.clusterCertificates" . }}

enterprise/clusterissuer/item.yaml

@@ -1,5 +1,4 @@
 icon_url: https://truecharts.org/img/hotlink-ok/chart-icons/clusterissuer.png
 categories:
 - core
-
 screenshots: []