helmfile.yaml
2.77 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
bases:
- ../common/environments.yaml
repositories:
- name: jetstack
url: https://charts.jetstack.io
---
releases:
- name: root-ca
chart: charts/root-ca
namespace: cert-manager
strategicMergePatches:
- apiVersion: v1
kind: Secret
metadata:
name: root-ca
namespace: cert-manager
data:
tls.crt: {{ .Values | get "root-ca.crt" }}
tls.key: {{ .Values | get "root-ca.key" }}
ca.crt: {{ .Values | get "root-ca.crt" }}
ca.key: {{ .Values | get "root-ca.key" }}
- name: cert-manager
chart: jetstack/cert-manager
namespace: cert-manager
values:
- installCRDs: true
- name: cluster-issuer
chart: charts/cluster-issuer
disableValidationOnInstall: true
needs:
- cert-manager/cert-manager
jsonPatches:
{{- if not (empty (.Values.clusterIssuer.jsonPatches)) }}
{{- .Values.clusterIssuer.jsonPatches | toYaml | indent 6 }}
{{- end }}
strategicMergePatches:
- apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: ca-issuer
namespace: cert-manager
spec:
ca:
secretName: {{ .Values.clusterIssuer.caIssuer.secretName }}
- apiVersion: v1
kind: Secret
metadata:
namespace: cert-manager
name: acme-account-key
{{- if .Values.clusterIssuer.letsencrypt.enabled }}
data:
tls.key: {{ .Values.clusterIssuer.letsencrypt.tls_key }}
{{- else }}
$patch: delete
{{- end }}
- apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
namespace: cert-manager
name: letsencrypt-staging
{{- if .Values.clusterIssuer.letsencrypt.enabled }}
spec:
acme:
email: {{ .Values.clusterIssuer.letsencrypt.email }}
{{- if .Values.clusterIssuer.letsencrypt.solvers }}
solvers: {{ .Values.clusterIssuer.letsencrypt.solvers | toYaml | nindent 14 }}
{{- end }}
{{- else }}
$patch: delete
{{- end }}
- apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
namespace: cert-manager
name: letsencrypt-production
{{- if .Values.clusterIssuer.letsencrypt.enabled }}
spec:
acme:
email: {{ .Values.clusterIssuer.letsencrypt.email }}
{{- if .Values.clusterIssuer.letsencrypt.solvers }}
solvers: {{ .Values.clusterIssuer.letsencrypt.solvers | toYaml | nindent 14 }}
{{- end }}
{{- else }}
$patch: delete
{{- end }}
{{- if not (empty (.Values.clusterIssuer.strategicMergePatches)) }}
{{- .Values.clusterIssuer.strategicMergePatches | toYaml | indent 6 }}
{{- end }}