74 lines
2.1 KiB
YAML
74 lines
2.1 KiB
YAML
{{/*
|
|
Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
*/}}
|
|
|
|
{{- define "local.tls_secret_name" -}}
|
|
{{- $group := index . 0 -}}
|
|
{{- $type := index . 1 -}}
|
|
{{- $envAll := index . 2 -}}
|
|
{{ printf "%s-%s-%s" $envAll.Release.Name $group $type | replace "_" "-" }}
|
|
{{- end -}}
|
|
|
|
{{- define "local.tls_secret" }}
|
|
{{- $group := index . 0 }}
|
|
{{- $type := index . 1 }}
|
|
{{- $bundle := index . 2 }}
|
|
{{- $envAll := index . 3 }}
|
|
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: {{ tuple $group $type $envAll | include "local.tls_secret_name" }}
|
|
namespace: {{ $envAll.Release.Namespace }}
|
|
type: opaque
|
|
data:
|
|
{{- if hasKey $bundle "ca" }}
|
|
ca.crt: |-
|
|
{{ $bundle.ca | b64enc | indent 4 }}
|
|
{{- end }}
|
|
{{- if hasKey $bundle "cert" }}
|
|
tls.crt: |-
|
|
{{ $bundle.cert | b64enc | indent 4 }}
|
|
{{- end }}
|
|
{{- if hasKey $bundle "key" }}
|
|
tls.key: |-
|
|
{{ $bundle.key | b64enc | indent 4 }}
|
|
{{- end }}
|
|
...
|
|
{{- end -}}
|
|
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: {{ .Values.secrets.tls.webhook_apiserver.api.public }}
|
|
namespace: {{ .Release.Namespace }}
|
|
type: opaque
|
|
data:
|
|
ca.crt: |-
|
|
{{ .Values.secrets.tls.webhook_apiserver.api.server.ca | b64enc | indent 4 }}
|
|
tls.crt: |-
|
|
{{ .Values.secrets.tls.webhook_apiserver.api.server.cert | b64enc | indent 4 }}
|
|
tls.key: |-
|
|
{{ .Values.secrets.tls.webhook_apiserver.api.server.key | b64enc | indent 4 }}
|
|
...
|
|
{{- if .Values.manifests.secret_tls }}
|
|
{{- $envAll := . }}
|
|
{{- range $group, $certs := .Values.certificates }}
|
|
{{- range $type, $bundle := $certs }}
|
|
{{ tuple $group $type $bundle $envAll | include "local.tls_secret" }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- end }}
|