Unverified Commit 9c00d8e1 authored by Varac's avatar Varac
Browse files

Configure ssl.com clusterissuer

parent 2c4bbdf1
Pipeline #15945 passed with stage
in 12 seconds
......@@ -17,7 +17,8 @@ Create a `gitlab` namespace:
Create a secret for the Gitlab kubernetes agent:
cat flux/gitlab-k8s-agent-secret.yml.tmpl| token=TOKEN_IN_PLAINTEXT envsubst | kubectl apply -f -
cat flux/gitlab-k8s-agent-secret.yml.tmpl| token=$GITLAB-K8S-AGENT-SECRET envsubst | kubectl apply -f -
cat flux/sslcom-eabsecret-secret.yml.tmpl | secret=$SSL_COM_EAB_HMAC_KEY envsubst | kubectl apply -f -
Run
......
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: sslcom-issuer
namespace: cert-manager
spec:
acme:
email: maarten@greenhost.nl
server: https://acme.ssl.com/sslcom-dv-rsa
externalAccountBinding:
keyID: 24e31e029f14
keySecretRef:
name: sslcom-eabsecret
key: secret
# Name of a secret used to store the ACME account private key
privateKeySecretRef:
name: sslcom-eabsecret
solvers:
- http01:
ingress:
class: nginx
---
apiVersion: v1
kind: ConfigMap
metadata:
namespace: cert-manager
name: stackspin-cert-manager-override
data:
values.yaml: |
ingressShim:
defaultIssuerName: sslcom-issuer
defaultIssuerKind: ClusterIssuer
apiVersion: kustomize.toolkit.fluxcd.io/v1beta1
kind: Kustomization
metadata:
name: sslcom
namespace: cert-manager
spec:
interval: 24h
sourceRef:
kind: GitRepository
name: kubernetes-agent-setup
path: ./flux/cert-manager
prune: true
validation: client
apiVersion: v1
kind: Secret
metadata:
name: sslcom-eabsecret
namespace: cert-manager
stringData:
secret: ${secret}
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment