airship/airshipctl
Code Issues Proposed changes
airshipctl/manifests/function/generate-secrets/generate-certificates-template.yaml
guhaneswaran20 bfe88fda56 Introducing secret generation template 
This patchset contains the function-manifests containing the template
to generate secrets. The secrets include both certificates and
passphrases.

Change-Id: Ie26fac9fe7f3918c8ebb746259d1d9bc0b423489
2021-01-05 19:50:42 +05:30

41 lines
1.1 KiB
YAML
Raw Blame History

apiVersion: airshipit.org/v1alpha1
kind: Templater
metadata:
name: generate-certificates-template
annotations:
config.kubernetes.io/function: |-
container:
image: quay.io/airshipit/templater:latest
values:
certificates:
template: |
{{- range $key, $val := .certificates }}
{{- $secretName := $key }}
{{- $secret := $val }}
{{- $ca := "" }}
{{- if not .validity }}
{{- $_ := set . "validity" 365 }}
{{- end }}
{{- if not .cn }}
{{- $_ := set . "cn" "kubernetes" }}
{{- end }}
{{- if .keyEncoding }}
{{- $ca = genCAWithKey .cn .validity (genPrivateKey .keyEncoding)}}
{{- else}}
{{- $ca = genCA .cn .validity }}
{{end -}}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
{{- if $secret.deployk8s }}
namespace: {{ $secret.namespace | default "default" }}
{{- end }}
labels:
airshipit.org/deploy-k8s: {{ $secret.deployk8s | default "false" }}
data:
tls.crt: {{ $ca.Cert|b64enc|quote }}
tls.key: {{ $ca.Key|b64enc|quote }}
type: kubernetes.io/tls
{{ end -}}
View Git Blame Copy Permalink