add cert-manager
This commit is contained in:
parent
9b0ce69488
commit
ccd455a83b
|
@ -27,9 +27,22 @@ steps:
|
|||
image: *kube
|
||||
commands:
|
||||
- *config
|
||||
- helm repo add woodpecker https://woodpecker-ci.org/
|
||||
- helm repo add woodpecker https://woodpecker-ci.org
|
||||
- helm repo update
|
||||
- helm upgrade --install woodpecker woodpecker/woodpecker --version 1.1.1 --values woodpecker/values.yaml --namespace ci --atomic
|
||||
when:
|
||||
- path: 'woodpecker/values.yaml'
|
||||
- path: '.woodpecker/.deploy.yaml'
|
||||
secrets: [KUBEAUTH]
|
||||
|
||||
- name: cert-manager
|
||||
image: *kube
|
||||
commands:
|
||||
- *config
|
||||
- helm repo add jetstack https://charts.jetstack.io
|
||||
- helm repo update
|
||||
- helm upgrade --install cert-manager jetstack/cert-manager --version v1.14.2 --values cert-manager/values.yaml --namespace cert-manager --atomic
|
||||
when:
|
||||
- path: 'cert-manager/values.yaml'
|
||||
- path: '.woodpecker/.deploy.yaml'
|
||||
secrets: [KUBEAUTH]
|
||||
|
|
16
cert-manager/letsencrypt-prod.yaml
Normal file
16
cert-manager/letsencrypt-prod.yaml
Normal file
|
@ -0,0 +1,16 @@
|
|||
apiVersion: cert-manager.io/v1
|
||||
kind: ClusterIssuer
|
||||
metadata:
|
||||
name: letsencrypt-prod
|
||||
namespace: cert-manager
|
||||
spec:
|
||||
acme:
|
||||
email: git@garbage.world
|
||||
server: https://acme-v02.api.letsencrypt.org/directory
|
||||
preferredChain: "ISRG Root X1"
|
||||
privateKeySecretRef:
|
||||
name: prod-issuer-account-key
|
||||
solvers:
|
||||
- http01:
|
||||
ingress:
|
||||
class: nginx
|
17
cert-manager/letsencrypt-staging.yaml
Normal file
17
cert-manager/letsencrypt-staging.yaml
Normal file
|
@ -0,0 +1,17 @@
|
|||
apiVersion: cert-manager.io/v1
|
||||
kind: ClusterIssuer
|
||||
metadata:
|
||||
name: letsencrypt-staging
|
||||
spec:
|
||||
acme:
|
||||
email: git@garbage.world
|
||||
server: https://acme-staging-v02.api.letsencrypt.org/directory
|
||||
preferredChain: "ISRG Root X1"
|
||||
privateKeySecretRef:
|
||||
# Secret resource that will be used to store the account's private key.
|
||||
name: staging-issuer-account-key
|
||||
# Add a single challenge solver, HTTP01 using nginx
|
||||
solvers:
|
||||
- http01:
|
||||
ingress:
|
||||
class: nginx
|
4
cert-manager/values.yaml
Normal file
4
cert-manager/values.yaml
Normal file
|
@ -0,0 +1,4 @@
|
|||
installCRDs: true
|
||||
|
||||
prometheus:
|
||||
enabled: false
|
|
@ -14,11 +14,17 @@
|
|||
}
|
||||
],
|
||||
"packageRules": [
|
||||
{
|
||||
"matchDatasources": ["helm"],
|
||||
"matchManagers": ["custom.regex"],
|
||||
"matchPackageNames": ["cert-manager"],
|
||||
"registryUrls": ["https://charts.jetstack.io"]
|
||||
},
|
||||
{
|
||||
"matchDatasources": ["helm"],
|
||||
"matchManagers": ["custom.regex"],
|
||||
"matchPackageNames": ["woodpecker"],
|
||||
"registryUrls": ["https://woodpecker-ci.org"]
|
||||
},
|
||||
}
|
||||
]
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue