| # |
| # Licensed to the Apache Software Foundation (ASF) under one |
| # or more contributor license agreements. See the NOTICE file |
| # distributed with this work for additional information |
| # regarding copyright ownership. The ASF licenses this file |
| # to you under the Apache License, Version 2.0 (the |
| # "License"); you may not use this file except in compliance |
| # with the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, |
| # software distributed under the License is distributed on an |
| # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| # KIND, either express or implied. See the License for the |
| # specific language governing permissions and limitations |
| # under the License. |
| # |
| |
| {{- if .Values.certs.internal_issuer.enabled }} |
| {{- if eq .Values.certs.internal_issuer.type "selfsigning" }} |
| apiVersion: "{{ .Values.certs.internal_issuer.apiVersion }}" |
| kind: Issuer |
| metadata: |
| name: "{{ template "pulsar.fullname" . }}-{{ .Values.certs.internal_issuer.component }}" |
| namespace: {{ template "pulsar.namespace" . }} |
| spec: |
| selfSigned: {} |
| --- |
| |
| apiVersion: "{{ .Values.certs.internal_issuer.apiVersion }}" |
| kind: Certificate |
| metadata: |
| name: "{{ template "pulsar.fullname" . }}-ca" |
| namespace: {{ template "pulsar.namespace" . }} |
| spec: |
| secretName: "{{ .Release.Name }}-{{ .Values.tls.ca_suffix }}" |
| commonName: "{{ template "pulsar.namespace" . }}.svc.{{ .Values.clusterDomain }}" |
| duration: "{{ .Values.certs.internal_issuer.duration }}" |
| renewBefore: "{{ .Values.certs.internal_issuer.renewBefore }}" |
| usages: |
| - server auth |
| - client auth |
| isCA: true |
| issuerRef: |
| name: "{{ template "pulsar.fullname" . }}-{{ .Values.certs.internal_issuer.component }}" |
| # We can reference ClusterIssuers by changing the kind here. |
| # The default value is Issuer (i.e. a locally namespaced Issuer) |
| kind: Issuer |
| # This is optional since cert-manager will default to this value however |
| # if you are using an external issuer, change this to that issuer group. |
| group: cert-manager.io |
| --- |
| |
| apiVersion: "{{ .Values.certs.internal_issuer.apiVersion }}" |
| kind: Issuer |
| metadata: |
| name: "{{ template "pulsar.fullname" . }}-{{ .Values.certs.internal_issuer.component }}-ca-issuer" |
| namespace: {{ template "pulsar.namespace" . }} |
| spec: |
| ca: |
| secretName: "{{ .Release.Name }}-{{ .Values.tls.ca_suffix }}" |
| {{- end }} |
| {{- end }} |