dfec78f8 by Adam Heath

cert-manager and istio now follow the helmfile pattern.

1 parent 41755af6
1 ---
2 releases:
3 - name: cert-manager
4 chart: .
5 wait: true
6 ---
1 apiVersion: kustomize.config.k8s.io/v1beta1
2 kind: Kustomization
3
4 resources:
5 - https://github.com/jetstack/cert-manager/releases/download/v1.0.4/cert-manager.yaml
1 ---
2 apiVersion: cert-manager.io/v1
3 kind: ClusterIssuer
4 metadata:
5 namespace: cert-manager
6 name: ca-issuer
7 spec:
8 ca:
9 secretName: root-ca
10 ---
11
1 bases:
2 - ../environments.yaml
3
4 ---
5 releases:
6 - name: cluster-issuer
7 namespace: cert-manager
8 chart: .
9 wait: true
10 condition: cert-manager.enabled
11 ---
1 apiVersion: kustomize.config.k8s.io/v1beta1
2 kind: Kustomization
3
4 resources:
5 - ./cluster-issuer.yaml
6
1 ---
2 apiVersion: cert-manager.io/v1
3 kind: ClusterIssuer
4 metadata:
5 namespace: cert-manager
6 name: ca-issuer
7 spec:
8 ca:
9 secretName: root-ca
10 ---
11
1 environments:
2 default:
3 values:
4 - clusterIssuer:
5 jsonPatches: []
6 strategicMergePatches: []
7 caIssuer:
8 secretName: root-ca
9
10 ---
11 helmfiles:
12 - path: ./charts/cert-manager/helmfile.yaml
13 values:
14 -
15 {{- toYaml .Values | nindent 8 }}
16
17 releases:
18 - name: cluster-issuer
19 chart: charts/cluster-issuer
20 jsonPatches:
21 {{- if not (empty (.Values.clusterIssuer.jsonPatches)) }}
22 {{- .Values.clusterIssuer.jsonPatches | toYaml | indent 6 }}
23 {{- end }}
24 strategicMergePatches:
25 - apiVersion: cert-manager.io/v1
26 kind: ClusterIssuer
27 metadata:
28 name: ca-issuer
29 namespace: cert-manager
30 spec:
31 ca:
32 secretName: {{ .Values.clusterIssuer.caIssuer.secretName }}
33 {{- if not (empty (.Values.clusterIssuer.strategicMergePatches)) }}
34 {{- .Values.clusterIssuer.strategicMergePatches | toYaml | indent 6 }}
35 {{- end }}
1 environments:
2 default:
3 values:
4 - namespace: istio-system
5 namePrefix: ""
6 gateways: []
7
8 repositories:
9 - name: istio
10 url: https://istio-release.storage.googleapis.com/charts
11
12 ---
13 helmfiles:
14 - path: istio-base.helmfile.yaml
15 values:
16 - namespace: {{ .Values.namespace }}
17 namePrefix: ""
18 - path: istiod.helmfile.yaml
19 values:
20 - namespace: {{ .Values.namespace }}
21 namePrefix: ""
22
23 releases:
24 {{- range $gateway_index, $gateway := .Values.gateways }}
25 - name: {{ $.Values.namePrefix }}gateway-{{ $gateway.name }}
26 namespace: {{ $gateway | get "namespace" "istio-system" }}
27 chart: istio/gateway
28 values:
29 - service:
30 type: LoadBalancer
31 loadBalancerIP: {{ $gateway | get "loadBalancerIP" "" }}
32 externalTrafficPolicy: Cluster
33 ports:
34 - name: status-port
35 port: 15021
36 protocol: TCP
37 targetPort: 15021
38 - name: http2
39 port: 80
40 protocol: TCP
41 targetPort: 80
42 - name: https
43 port: 443
44 protocol: TCP
45 targetPort: 443
46 name: {{ $gateway.name }}
47 {{- end }}
48
1 releases:
2 - name: {{ .Values.namePrefix }}istio-base
3 namespace: {{ .Values.namespace }}
4 chart: istio/base
5
1 releases:
2 - name: {{ .Values.namePrefix }}istiod
3 namespace: {{ .Values.namespace }}
4 chart: istio/istiod
5