andata
/
rancher-partner-charts
mirror of https://git.rancher.io/partner-charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
rancher-partner-charts/charts/aquarist-labs/s3gw/templates/certificate.yaml

39 lines
1.2 KiB
YAML
Raw Blame History

{{- if .Values.useCertManager }}
---
# s3gw-ca root certificate
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: {{ .Release.Name }}-{{ .Release.Namespace }}-ca-cert
namespace: {{ .Values.certManagerNamespace }}
labels:
{{ include "s3gw.labels" . | indent 4}}
spec:
commonName: {{ .Release.Name }}-{{ .Release.Namespace }}-ca
isCA: true
issuerRef:
kind: ClusterIssuer
name: {{ .Release.Name }}-{{ .Release.Namespace }}-self-signed-issuer
privateKey:
algorithm: ECDSA
size: 256
secretName: {{ .Release.Name }}-{{ .Release.Namespace }}-ca-root
---
# s3gw internal service certificate (private domain)
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: {{ .Release.Name }}-{{ .Release.Namespace }}-cluster-ip-cert
namespace: {{ .Release.Namespace }}
labels:
{{ include "s3gw.labels" . | indent 4}}
spec:
dnsNames:
- '{{ include "s3gw.serviceName" . }}.{{ .Release.Namespace }}.{{ .Values.privateDomain }}'
- '*.{{ include "s3gw.serviceName" . }}.{{ .Release.Namespace }}.{{ .Values.privateDomain }}'
issuerRef:
kind: ClusterIssuer
name: {{ .Release.Name }}-{{ .Release.Namespace }}-issuer
secretName: {{ .Release.Name }}-{{ .Release.Namespace }}-cluster-ip-tls
{{- end }}
Reference in New Issue View Git Blame Copy Permalink