diff --git a/certmanager-netcup/main.yaml b/certmanager-netcup/main.yaml index f9bdc4e..3a4871b 100644 --- a/certmanager-netcup/main.yaml +++ b/certmanager-netcup/main.yaml @@ -3,10 +3,11 @@ kind: ServiceAccount metadata: labels: app: cert-manager-webhook-netcup - chart: cert-manager-webhook-netcup-1.0.29 + chart: cert-manager-webhook-netcup-1.0.34 heritage: Helm release: cert-manager-webhook-netcup name: cert-manager-webhook-netcup + namespace: cert-manager --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role @@ -27,7 +28,7 @@ kind: ClusterRole metadata: labels: app: cert-manager-webhook-netcup - chart: cert-manager-webhook-netcup-1.0.29 + chart: cert-manager-webhook-netcup-1.0.34 heritage: Helm release: cert-manager-webhook-netcup name: cert-manager-webhook-netcup:domain-solver @@ -44,7 +45,7 @@ kind: ClusterRole metadata: labels: app: cert-manager-webhook-netcup - chart: cert-manager-webhook-netcup-1.0.29 + chart: cert-manager-webhook-netcup-1.0.34 heritage: Helm release: cert-manager-webhook-netcup name: cert-manager-webhook-netcup:flowcontrol @@ -75,11 +76,30 @@ subjects: namespace: cert-manager --- apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + app: cert-manager-webhook-netcup + chart: cert-manager-webhook-netcup-1.0.34 + heritage: Helm + release: cert-manager-webhook-netcup + name: cert-manager-webhook-netcup:webhook-authentication-reader + namespace: kube-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: extension-apiserver-authentication-reader +subjects: +- apiGroup: "" + kind: ServiceAccount + name: cert-manager-webhook-netcup +--- +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: labels: app: cert-manager-webhook-netcup - chart: cert-manager-webhook-netcup-1.0.29 + chart: cert-manager-webhook-netcup-1.0.34 heritage: Helm release: cert-manager-webhook-netcup name: cert-manager-webhook-netcup:auth-delegator @@ -98,7 +118,7 @@ kind: ClusterRoleBinding metadata: labels: app: cert-manager-webhook-netcup - chart: cert-manager-webhook-netcup-1.0.29 + chart: cert-manager-webhook-netcup-1.0.34 heritage: Helm release: cert-manager-webhook-netcup name: cert-manager-webhook-netcup:domain-solver @@ -117,7 +137,7 @@ kind: ClusterRoleBinding metadata: labels: app: cert-manager-webhook-netcup - chart: cert-manager-webhook-netcup-1.0.29 + chart: cert-manager-webhook-netcup-1.0.34 heritage: Helm release: cert-manager-webhook-netcup name: cert-manager-webhook-netcup:flowcontrol @@ -136,10 +156,11 @@ kind: Service metadata: labels: app: cert-manager-webhook-netcup - chart: cert-manager-webhook-netcup-1.0.29 + chart: cert-manager-webhook-netcup-1.0.34 heritage: Helm release: cert-manager-webhook-netcup name: cert-manager-webhook-netcup + namespace: cert-manager spec: ports: - name: https @@ -156,12 +177,13 @@ kind: Deployment metadata: labels: app: cert-manager-webhook-netcup - chart: cert-manager-webhook-netcup-1.0.29 + chart: cert-manager-webhook-netcup-1.0.34 heritage: Helm release: cert-manager-webhook-netcup name: cert-manager-webhook-netcup + namespace: cert-manager spec: - replicas: 1 + replicas: null selector: matchLabels: app: cert-manager-webhook-netcup @@ -179,7 +201,7 @@ spec: env: - name: GROUP_NAME value: com.netcup.webhook - image: ghcr.io/aellwein/cert-manager-webhook-netcup:1.0.29 + image: ghcr.io/aellwein/cert-manager-webhook-netcup:1.0.34 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -214,7 +236,7 @@ metadata: cert-manager.io/inject-ca-from: cert-manager/cert-manager-webhook-netcup-webhook-tls labels: app: cert-manager-webhook-netcup - chart: cert-manager-webhook-netcup-1.0.29 + chart: cert-manager-webhook-netcup-1.0.34 heritage: Helm release: cert-manager-webhook-netcup name: v1alpha1.com.netcup.webhook @@ -232,7 +254,7 @@ kind: Certificate metadata: labels: app: cert-manager-webhook-netcup - chart: cert-manager-webhook-netcup-1.0.29 + chart: cert-manager-webhook-netcup-1.0.34 heritage: Helm release: cert-manager-webhook-netcup name: cert-manager-webhook-netcup-ca @@ -250,7 +272,7 @@ kind: Certificate metadata: labels: app: cert-manager-webhook-netcup - chart: cert-manager-webhook-netcup-1.0.29 + chart: cert-manager-webhook-netcup-1.0.34 heritage: Helm release: cert-manager-webhook-netcup name: cert-manager-webhook-netcup-webhook-tls @@ -270,7 +292,7 @@ kind: Issuer metadata: labels: app: cert-manager-webhook-netcup - chart: cert-manager-webhook-netcup-1.0.29 + chart: cert-manager-webhook-netcup-1.0.34 heritage: Helm release: cert-manager-webhook-netcup name: cert-manager-webhook-netcup-ca @@ -284,7 +306,7 @@ kind: Issuer metadata: labels: app: cert-manager-webhook-netcup - chart: cert-manager-webhook-netcup-1.0.29 + chart: cert-manager-webhook-netcup-1.0.34 heritage: Helm release: cert-manager-webhook-netcup name: cert-manager-webhook-netcup-selfsign diff --git a/certmanager-netcup/rb.yaml b/certmanager-netcup/rb.yaml deleted file mode 100644 index 606b0a5..0000000 --- a/certmanager-netcup/rb.yaml +++ /dev/null @@ -1,20 +0,0 @@ ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app: cert-manager-webhook-netcup - chart: cert-manager-webhook-netcup-1.0.29 - heritage: Helm - release: cert-manager-webhook-netcup - name: cert-manager-webhook-netcup:webhook-authentication-reader - namespace: kube-system -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: extension-apiserver-authentication-reader -subjects: -- apiGroup: "" - kind: ServiceAccount - name: cert-manager-webhook-netcup - namespace: cert-manager \ No newline at end of file diff --git a/certmanager-netcup/src/kustomization.yaml b/certmanager-netcup/src/kustomization.yaml index b75cd19..0549a78 100644 --- a/certmanager-netcup/src/kustomization.yaml +++ b/certmanager-netcup/src/kustomization.yaml @@ -5,6 +5,7 @@ kind: Kustomization helmCharts: - name: cert-manager-webhook-netcup repo: https://aellwein.github.io/cert-manager-webhook-netcup/charts/ - version: 1.0.29 + version: 1.0.34 releaseName: cert-manager-webhook-netcup namespace: cert-manager + valuesFile: values.yaml diff --git a/certmanager-netcup/src/values.yaml b/certmanager-netcup/src/values.yaml new file mode 100644 index 0000000..89ede90 --- /dev/null +++ b/certmanager-netcup/src/values.yaml @@ -0,0 +1,49 @@ +# The GroupName here is used to identify your company or business unit that +# created this webhook. +# For example, this may be "acme.mycompany.com". +# This name will need to be referenced in each Issuer's `webhook` stanza to +# inform cert-manager of where to send ChallengePayload resources in order to +# solve the DNS01 challenge. +# This group name should be **unique**, hence using your own company's domain +# here is recommended. + +groupName: com.netcup.webhook + +certManager: + namespace: cert-manager + serviceAccountName: cert-manager + +image: + repository: ghcr.io/aellwein/cert-manager-webhook-netcup + # set version here for upcoming release + tag: 1.0.34 + # sha hash can be used to specify image version, instead of tag + hash: "" + pullPolicy: IfNotPresent + +nameOverride: "" +fullnameOverride: "" + +service: + type: ClusterIP + port: 443 + +resources: + {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +nodeSelector: {} + +tolerations: [] + +affinity: {} +