
{{- /*
Render one cert-manager Certificate per enabled Kong service (admin, portal,
proxy, cluster).

Nothing is rendered unless certificates.enabled is set AND the cluster
advertises the cert-manager.io/v1 API. When that API is not advertised (for
example in an offline render where the API version was not supplied), the
certificates are skipped without any error.

Each service gets its own deep copy of the shared settings, merged with that
service's values block. mustMerge gives precedence to its first argument, so
the shared keys built here are not overridden by per-service values.
*/ -}}
{{- if and ( .Capabilities.APIVersions.Has "cert-manager.io/v1" ) .Values.certificates.enabled -}}
{{- $certs := .Values.certificates -}}
{{- $shared := dict "fullName" (include "kong.fullname" .) "namespace" (include "kong.namespace" .) "metaLabels" (include "kong.metaLabels" .) -}}
{{- /* Chart-wide settings; the per-service values block is consulted before these. */ -}}
{{- $_ := set $shared "globalIssuer" $certs.issuer -}}
{{- $_ := set $shared "globalClusterIssuer" $certs.clusterIssuer -}}
{{- $_ := set $shared "globalSubject" $certs.subject -}}
{{- $_ := set $shared "globalPrivateKey" $certs.privateKey -}}
{{- /* Issuer name derived from the release and chart names, handed to kong.certificate as defaultIssuer. */ -}}
{{- $_ := set $shared "defaultIssuer" (printf "%s-%s-%s" .Release.Name .Chart.Name "selfsigned-issuer") -}}
{{- if $certs.admin.enabled }}
{{- $adminCfg := mustMerge (mustDeepCopy $shared) $certs.admin -}}
{{- include "kong.certificate" (set $adminCfg "serviceName" "admin") -}}
{{- end }}
{{- /* The portal certificate additionally requires enterprise.enabled. */ -}}
{{- if (and $certs.portal.enabled .Values.enterprise.enabled) }}
{{- $portalCfg := mustMerge (mustDeepCopy $shared) $certs.portal -}}
{{- include "kong.certificate" (set $portalCfg "serviceName" "portal") -}}
{{- end }}
{{- if $certs.proxy.enabled }}
{{- $proxyCfg := mustMerge (mustDeepCopy $shared) $certs.proxy -}}
{{- include "kong.certificate" (set $proxyCfg "serviceName" "proxy") -}}
{{- end }}
{{- if $certs.cluster.enabled }}
{{- $clusterCfg := mustMerge (mustDeepCopy $shared) $certs.cluster -}}
{{- include "kong.certificate" (set $clusterCfg "serviceName" "cluster") -}}
{{- end }}
{{- end }}
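{{- /*
kong.certificate renders a single cert-manager Certificate from the dict it
is given.

Keys read from the dict:
  fullName, serviceName   - form the Certificate name and, with a "-cert"
                            suffix, the name of the Secret set as secretName
  namespace, metaLabels   - metadata for the Certificate
  commonName, dnsNames    - subject names; commonName is also appended to the
                            dnsNames list
  subject / globalSubject, privateKey / globalPrivateKey
                          - optional blocks copied as-is; the per-service key
                            wins over the global one
  clusterIssuer, issuer, globalClusterIssuer, globalIssuer, defaultIssuer
                          - issuer selection, in that order of precedence

The validity period is fixed at 2160h (90 days), with renewal starting 360h
(15 days) before expiry.

commonName and the issuer names are quoted so that values such as a wildcard
name starting with "*" are emitted as strings rather than parsed as YAML
syntax.

NOTE(review): dnsNames is passed straight to append and commonName is added
unconditionally; this assumes the values file always supplies a dnsNames list
and a non-empty commonName - confirm against the chart defaults.
*/ -}}
{{- define "kong.certificate" }}
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: {{ .fullName }}-{{ .serviceName }}
  namespace: {{ .namespace }}
  labels:
    {{- .metaLabels | nindent 4 }}
spec:
  secretName: {{ .fullName }}-{{ .serviceName }}-cert
  commonName: {{ .commonName | quote }}
  dnsNames:
    {{- range (append .dnsNames .commonName) }}
    - {{ . | quote }}
    {{- end }}
  renewBefore: 360h0m0s
  duration: 2160h0m0s
  {{- if .subject }}
  subject:
    {{- toYaml .subject | nindent 4 }}
  {{- else if .globalSubject }}
  subject:
    {{- toYaml .globalSubject | nindent 4 }}
  {{- end }}
  {{- if .privateKey }}
  privateKey:
    {{- toYaml .privateKey | nindent 4 }}
  {{- else if .globalPrivateKey }}
  privateKey:
    {{- toYaml .globalPrivateKey | nindent 4 }}
  {{- end }}
  {{- /* Issuer precedence: per-service ClusterIssuer, per-service Issuer, global ClusterIssuer, global Issuer. */}}
  {{- if .clusterIssuer }}
  issuerRef:
    name: {{ .clusterIssuer | quote }}
    kind: ClusterIssuer
  {{- else if .issuer }}
  issuerRef:
    name: {{ .issuer | quote }}
    kind: Issuer
  {{- else if .globalClusterIssuer }}
  issuerRef:
    name: {{ .globalClusterIssuer | quote }}
    kind: ClusterIssuer
  {{- else if .globalIssuer }}
  issuerRef:
    name: {{ .globalIssuer | quote }}
    kind: Issuer
  {{- else }}
  {{- /*
  No issuer is configured at either level. Fall back to the defaultIssuer
  name supplied by the caller so the Certificate is not rendered without an
  issuerRef.
  NOTE(review): an Issuer with this name has to be created elsewhere in the
  chart - confirm. Its name suggests it is self-signed, in which case clients
  will not trust the resulting certificates unless they are given its CA; set
  an issuer or clusterIssuer explicitly where that matters.
  */}}
  issuerRef:
    name: {{ .defaultIssuer | quote }}
    kind: Issuer
  {{- end }}
{{- end }}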