issuer-letsEncrypt.yaml 1.7 KB

12345678910111213141516171819202122232425262728293031323334353637
  1. {{- if eq .Values.tls "ingress" -}}
  2. {{- if eq .Values.ingress.tls.source "letsEncrypt" -}}
  3. {{- $certmanagerVer := split "." .Values.certmanager.version -}}
  4. {{- if or (.Capabilities.APIVersions.Has "cert-manager.io/v1beta1") (and (gt (len $certmanagerVer._0) 0) (eq (int $certmanagerVer._0) 0) (ge (int $certmanagerVer._1) 16)) }}
  5. apiVersion: cert-manager.io/v1beta1
  6. {{- else if or (.Capabilities.APIVersions.Has "cert-manager.io/v1alpha2") (and (gt (len $certmanagerVer._0) 0) (eq (int $certmanagerVer._0) 0) (ge (int $certmanagerVer._1) 11)) }}
  7. apiVersion: cert-manager.io/v1alpha2
  8. {{- else if or (.Capabilities.APIVersions.Has "certmanager.k8s.io/v1alpha1") (and (gt (len $certmanagerVer._0) 0) (eq (int $certmanagerVer._0) 0) (lt (int $certmanagerVer._1) 11)) }}
  9. apiVersion: certmanager.k8s.io/v1alpha1
  10. {{- else }}
  11. apiVersion: cert-manager.io/v1
  12. {{- end }}
  13. kind: Issuer
  14. metadata:
  15. name: {{ template "rancher.fullname" . }}
  16. labels:
  17. {{ include "rancher.labels" . | indent 4 }}
  18. spec:
  19. acme:
  20. {{- if eq .Values.letsEncrypt.environment "production" }}
  21. server: https://acme-v02.api.letsencrypt.org/directory
  22. {{- else }}
  23. server: https://acme-staging-v02.api.letsencrypt.org/directory
  24. {{- end }}
  25. email: {{ .Values.letsEncrypt.email }}
  26. privateKeySecretRef:
  27. name: letsencrypt-{{ .Values.letsEncrypt.environment }}
  28. {{- if or (.Capabilities.APIVersions.Has "certmanager.k8s.io/v1alpha1") (and (gt (len $certmanagerVer._0) 0) (eq (int $certmanagerVer._0) 0) (lt (int $certmanagerVer._1) 11)) }}
  29. http01: {}
  30. {{- else }}
  31. solvers:
  32. - http01:
  33. ingress:
  34. class: {{ .Values.letsEncrypt.ingress.class }}
  35. {{- end }}
  36. {{- end -}}
  37. {{- end -}}