28 lines
1.3 KiB
YAML
28 lines
1.3 KiB
YAML
{{- $proxy := mustMergeOverwrite (mustDeepCopy .Values) .Values.proxy -}}
|
|
{{- if $proxy.highAvailability.certManager.enabled }}
|
|
{{- $domain := (required "clusterName is required in chartValues when certManager is enabled" $proxy.clusterName) }}
|
|
{{- $domainWildcard := printf "*.%s" (required "clusterName is required in chartValues when certManager is enabled" $proxy.clusterName) }}
|
|
apiVersion: cert-manager.io/v1
|
|
kind: Certificate
|
|
metadata:
|
|
name: {{ .Release.Name }}
|
|
namespace: {{ .Release.Namespace }}
|
|
labels: {{- include "teleport-cluster.proxy.labels" . | nindent 4 }}
|
|
spec:
|
|
secretName: teleport-tls
|
|
{{- if $proxy.highAvailability.certManager.addCommonName }}
|
|
commonName: {{ quote $domain }}
|
|
{{- end }}
|
|
dnsNames:
|
|
- {{ quote $domain }}
|
|
- {{ quote $domainWildcard }}
|
|
issuerRef:
|
|
name: {{ required "highAvailability.certManager.issuerName is required in chart values" $proxy.highAvailability.certManager.issuerName }}
|
|
kind: {{ required "highAvailability.certManager.issuerKind is required in chart values" $proxy.highAvailability.certManager.issuerKind }}
|
|
group: {{ required "highAvailability.certManager.issuerGroup is required in chart values" $proxy.highAvailability.certManager.issuerGroup }}
|
|
{{- with $proxy.annotations.certSecret }}
|
|
secretTemplate:
|
|
annotations: {{- toYaml . | nindent 6 }}
|
|
{{- end }}
|
|
{{- end }}
|