Merge pull request #128 from OSGP/SMHE-2268-add-certificate

Add certificate template for Certmanager

Author: angelosleebos

charts/gxf/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v2
 name: gxf
 description: Generic GXF Helm chart
-version: '1.7.0'
+version: '1.8.0'
 icon: https://artwork.lfenergy.org/projects/grid-exchange-fabric/abbrev/color/grid-exchange-fabric-abbrev-color.png
 maintainers:
   - name: OSGP

charts/gxf/templates/certificate.yaml

@@ -0,0 +1,39 @@
+{{- range .Values.certificates }}
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: {{ $.Release.Name }}-{{ .name }}
+spec:
+  secretName: {{ $.Release.Name }}-{{ .name }}
+  duration: {{ .duration | default "8760h0m0s" }}
+  renewBefore: {{ .renewBefore | default "720h0m0s" }}
+  commonName: {{ .commonName }}
+  privateKey:
+    algorithm: RSA
+    size: 2048
+  {{- if .dnsNames }}
+  dnsNames:
+    {{- range .dnsNames }}
+    - {{ . }}
+    {{- end }}
+  {{- end }}
+  issuerRef:
+    name: {{ if $.issuerRefName }}{{ $.issuerRefName }}{{ else }}{{ printf "%s-ca-issuer" $.Release.Namespace }}{{ end }}
+    kind: {{ if $.issuerRefKind }}{{ $.issuerRefKind }}{{ else }}Issuer{{ end }}
+  usages:
+    {{- if .usages }}
+    {{- range .usages }}
+    - {{ . }}
+    {{- end }}
+    {{- else }}
+    - server auth
+    - client auth
+    {{- end }}
+  keystores:
+    pkcs12:
+      create: true
+      passwordSecretRef:
+        name: keystore-password
+        key: password
+---
+{{- end }}

charts/gxf/values.yaml

@@ -104,3 +104,13 @@ logging:
   # filename: your-own-choosing (defaults to .Release.Name)
   maxHistoryDays: 3
   totalSizeCap: 2GB
+
+certificates: []
+  # - name: example-client-tls-cert
+  #   commonName: example-client
+  #   usages:
+  #     - client auth
+  # - name: example-server-tls-cert
+  #   commonName: example.com
+  #   dnsNames:
+  #     - example.com