helmfile.yaml
2.22 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
environments:
default:
values:
- clusterIssuer:
jsonPatches: []
strategicMergePatches: []
caIssuer:
secretName: root-ca
letsencrypt:
enabled: true
email: name@example.com
tls_key: replace-me
repositories:
- name: jetstack
url: https://charts.jetstack.io
---
releases:
- name: cert-manager
chart: jetstack/cert-manager
namespace: cert-manager
values:
- installCRDs: true
- name: cluster-issuer
chart: charts/cluster-issuer
disableValidationOnInstall: true
needs:
- cert-manager/cert-manager
jsonPatches:
{{- if not (empty (.Values.clusterIssuer.jsonPatches)) }}
{{- .Values.clusterIssuer.jsonPatches | toYaml | indent 6 }}
{{- end }}
strategicMergePatches:
- apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: ca-issuer
namespace: cert-manager
spec:
ca:
secretName: {{ .Values.clusterIssuer.caIssuer.secretName }}
- apiVersion: v1
kind: Secret
metadata:
namespace: cert-manager
name: acme-account-key
{{- if .Values.clusterIssuer.letsencrypt.enabled }}
data:
tls.key: {{ .Values.clusterIssuer.letsencrypt.tls_key }}
{{- else }}
$patch: delete
{{- end }}
- apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
namespace: cert-manager
name: letsencrypt-staging
{{- if .Values.clusterIssuer.letsencrypt.enabled }}
spec:
email: {{ .Values.clusterIssuer.letsencrypt.email }}
{{- else }}
$patch: delete
{{- end }}
- apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
namespace: cert-manager
name: letsencrypt-production
{{- if .Values.clusterIssuer.letsencrypt.enabled }}
spec:
email: {{ .Values.clusterIssuer.letsencrypt.email }}
{{- else }}
$patch: delete
{{- end }}
{{- if not (empty (.Values.clusterIssuer.strategicMergePatches)) }}
{{- .Values.clusterIssuer.strategicMergePatches | toYaml | indent 6 }}
{{- end }}