feat: Create TLS certificates using cert-manager (#3)

jengo · web-flow · commit 70123feab3ed · 2023-04-30T15:57:50.000-07:00
* feat: Added support for TLS certificates using cert-manager
* chore: Added CircleCI badge to README
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -6,7 +6,7 @@ jobs:
     steps:
       - add_ssh_keys:
           fingerprints:
-            - "c8:e3:fe:92:a1:f8:07:87:ff:23:1f:e7:25:4f:7b:9d"
+            - "ef:eb:ba:46:70:a4:6e:1b:73:da:c6:18:8d:ad:32:82"
       - checkout
       - run:
           name: Install dependancies
diff --git a/Chart.yaml b/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
 name: helm-django
 description: A Helm chart for Kubernetes
 type: application
-version: 1.0.0
+version: 1.1.0
 
 sources:
   - https://github.com/jengo/helm-django
diff --git a/README.md b/README.md
@@ -1,4 +1,6 @@
 # helm-django
+[![jengo](https://circleci.com/gh/jengo/helm-django.svg?style=svg)](<LINK>)
+
 
 This helm template is intentionally very generic and basic.  This is meant to act as a starting point to get your application up and running with little effort.
 
diff --git a/templates/certificate.yaml b/templates/certificate.yaml
@@ -0,0 +1,15 @@
+{{- if .Values.certManager.enabled }}
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: {{ .Values.certManager.fqdn }}
+spec:
+  secretName: {{ .Values.certManager.fqdn }}
+  commonName: "{{ .Values.certManager.fqdn }}"
+  dnsNames:
+    - "{{ .Values.certManager.fqdn }}"
+  issuerRef:
+    name: {{ .Values.certManager.issuer.name }}
+    kind: ClusterIssuer
+    group: cert-manager.io
+{{- end }}
diff --git a/test-migrate-values.yaml b/test-migrate-values.yaml
@@ -4,6 +4,14 @@ argoWorkflow:
 deployment:
   enabled: false
 
+certManager:
+  enabled: true
+  fqdn: example.jolene.dev
+  issuer:
+    # Required value: set issuer for cert-manager
+    # https://cert-manager.io/docs/concepts/issuer/
+    name: "letsencrypt-prod"
+
 podAnnotations:
   vault.security.banzaicloud.io/vault-addr: "https://vault.vault:8200"
   vault.security.banzaicloud.io/vault-tls-secret: "vault-tls"
diff --git a/values.yaml b/values.yaml
@@ -83,6 +83,14 @@ service:
       protocol: TCP
       name: http
 
+certManager:
+  enabled: false
+  fqdn: example.jolene.dev
+  issuer:
+    # Required value: set issuer for cert-manager
+    # https://cert-manager.io/docs/concepts/issuer/
+    name: "letsencrypt-prod"
+
 # TODO: Not happy with this layout, it's a pain in the ass to use
 traefikIngressRoute:
   enabled: false
