From da665af5d3313c2a5566bd27d18dfb3011c86146 Mon Sep 17 00:00:00 2001 From: Kyle Michel Date: Mon, 5 Feb 2024 09:01:10 -0500 Subject: [PATCH] feat: Allow cert-manager certs to be issued by a cluster issuer --- charts/k8s-image-swapper/Chart.yaml | 4 ++-- charts/k8s-image-swapper/README.md | 3 ++- charts/k8s-image-swapper/templates/cert-manager-cert.yaml | 1 + charts/k8s-image-swapper/values.schema.json | 7 +++++++ charts/k8s-image-swapper/values.yaml | 2 ++ 5 files changed, 14 insertions(+), 3 deletions(-) diff --git a/charts/k8s-image-swapper/Chart.yaml b/charts/k8s-image-swapper/Chart.yaml index 95d067f..bc8b2b4 100644 --- a/charts/k8s-image-swapper/Chart.yaml +++ b/charts/k8s-image-swapper/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: k8s-image-swapper description: Mirror images into your own registry and swap image references automatically. type: application -version: 1.10.3 +version: 1.11.0 appVersion: 1.5.10 home: https://github.com/estahn/charts/tree/main/charts/k8s-image-swapper keywords: @@ -15,7 +15,7 @@ maintainers: name: estahn annotations: artifacthub.io/changes: | - - "Add webhook timeoutSeconds to allow configuration how long the api server should wait for webhook" + - "Allow cert-manager certs to be issued by a cluster issuer" artifacthub.io/images: | - name: k8s-image-webhook image: ghcr.io/estahn/k8s-image-swapper:1.5.10 diff --git a/charts/k8s-image-swapper/README.md b/charts/k8s-image-swapper/README.md index f953e89..f1b06a0 100644 --- a/charts/k8s-image-swapper/README.md +++ b/charts/k8s-image-swapper/README.md @@ -1,6 +1,6 @@ # k8s-image-swapper -![Version: 1.10.3](https://img.shields.io/badge/Version-1.10.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.5.10](https://img.shields.io/badge/AppVersion-1.5.10-informational?style=flat-square) +![Version: 1.11.0](https://img.shields.io/badge/Version-1.11.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.5.10](https://img.shields.io/badge/AppVersion-1.5.10-informational?style=flat-square) Mirror images into your own registry and swap image references automatically. @@ -27,6 +27,7 @@ Mirror images into your own registry and swap image references automatically. | awsSecretName | string | `""` | If set, the secret will be used as environment variables, see awsSecretKeys. | | cacheVolume | object | `{"emptyDir":{}}` | The type of volume to be used for caching images | | certmanager.enabled | bool | `false` | Should cert-manager be used to issue the certificate use by the k8s-image-swapper endpoints | +| certmanager.issuerKind | string | `"Issuer"` | Whether cert-manager should use an Issuer or ClusterIssuer to issue the cert | | certmanager.issuerName | string | `""` | If set, the name of the cert-manager issuer to use to issue the cert, otherwise a self-signed issuer will be created | | clusterSuffix | string | `"cluster.local"` | The DNS suffix of cluster addresses | | commonLabels | object | `{}` | Labels that will be added on all the resources (not in selectors) | diff --git a/charts/k8s-image-swapper/templates/cert-manager-cert.yaml b/charts/k8s-image-swapper/templates/cert-manager-cert.yaml index a6b4a63..c6624af 100644 --- a/charts/k8s-image-swapper/templates/cert-manager-cert.yaml +++ b/charts/k8s-image-swapper/templates/cert-manager-cert.yaml @@ -14,5 +14,6 @@ spec: - {{ printf "%s.%s" (include "k8s-image-swapper.fullname" .) .Release.Namespace }} - {{ include "k8s-image-swapper.fullname" . }} issuerRef: + kind: {{ .Values.certmanager.issuerKind }} name: {{ default (printf "%s-%s" (include "k8s-image-swapper.fullname" .) "issuer") .Values.certmanager.issuerName }} {{- end -}} diff --git a/charts/k8s-image-swapper/values.schema.json b/charts/k8s-image-swapper/values.schema.json index 8187ee1..ee8948c 100644 --- a/charts/k8s-image-swapper/values.schema.json +++ b/charts/k8s-image-swapper/values.schema.json @@ -49,6 +49,13 @@ "enabled": { "type": "boolean" }, + "issuerKind": { + "type": "string", + "enum": [ + "ClusterIssuer", + "Issuer" + ] + }, "issuerName": { "type": "string" } diff --git a/charts/k8s-image-swapper/values.yaml b/charts/k8s-image-swapper/values.yaml index f50ab62..82f1f52 100644 --- a/charts/k8s-image-swapper/values.yaml +++ b/charts/k8s-image-swapper/values.yaml @@ -110,6 +110,8 @@ patch: certmanager: # -- Should cert-manager be used to issue the certificate use by the k8s-image-swapper endpoints enabled: false + # -- Whether cert-manager should use an Issuer or ClusterIssuer to issue the cert + issuerKind: Issuer # -- If set, the name of the cert-manager issuer to use to issue the cert, otherwise a self-signed issuer will be created issuerName: ""