Installer: separate certificates from ingress and annotate to keep them after helm uninstall
diff --git a/charts/auth/templates/certificates.yaml b/charts/auth/templates/certificates.yaml
new file mode 100644
index 0000000..b6b54b7
--- /dev/null
+++ b/charts/auth/templates/certificates.yaml
@@ -0,0 +1,44 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: accounts-ui.{{ .Values.ui.domain }}
+  namespace: {{ .Release.Namespace }}
+  annotations:
+    helm.sh/resource-policy: keep
+spec:
+  dnsNames:
+  - 'accounts-ui.{{ .Values.ui.domain }}'
+  issuerRef:
+    name: {{ .Values.ui.certificateIssuer }}
+    kind: ClusterIssuer
+  secretName: cert-accounts-ui.{{ .Values.ui.domain }}
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: accounts.{{ .Values.ui.domain }}
+  namespace: {{ .Release.Namespace }}
+  annotations:
+    helm.sh/resource-policy: keep
+spec:
+  dnsNames:
+  - 'accounts.{{ .Values.ui.domain }}'
+  issuerRef:
+    name: {{ .Values.ui.certificateIssuer }}
+    kind: ClusterIssuer
+  secretName: cert-accounts.{{ .Values.ui.domain }}
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: hydra.{{ .Values.ui.domain }}
+  namespace: {{ .Release.Namespace }}
+  annotations:
+    helm.sh/resource-policy: keep
+spec:
+  dnsNames:
+  - 'hydra.{{ .Values.ui.domain }}'
+  issuerRef:
+    name: {{ .Values.ui.certificateIssuer }}
+    kind: ClusterIssuer
+  secretName: cert-hydra.{{ .Values.ui.domain }}
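Review bot: The `helm.sh/resource-policy: keep` annotation on all three Certificates means `helm uninstall` leaves them in the release namespace, so cert-manager keeps renewing them and the `cert-*` Secrets holding the TLS private keys stay behind too; nothing in the template tells an operator that these need manual cleanup. I would add a comment above each annotation such as `# kept on uninstall to avoid re-issuing; delete the Certificate and its cert-* Secret by hand when decommissioning`. The `issuerRef.name` values are also unquoted, so an unset `.Values.ui.certificateIssuer` renders as null instead of failing; `name: {{ required "ui.certificateIssuer is required" .Values.ui.certificateIssuer | quote }}` would catch that at render time. Since the ingress annotations are removed in ui.yaml, issuance now depends entirely on the ClusterIssuer's own solver configuration, which is not visible in this diff and is worth confirming before merge.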
diff --git a/charts/auth/templates/ui.yaml b/charts/auth/templates/ui.yaml
index ee79d7e..8936f4d 100644
--- a/charts/auth/templates/ui.yaml
+++ b/charts/auth/templates/ui.yaml
@@ -18,16 +18,12 @@
 metadata:
   name: ui
   namespace: {{ .Release.Namespace }}
-  annotations:
-    cert-manager.io/cluster-issuer: {{ .Values.ui.certificateIssuer }}
-    acme.cert-manager.io/http01-edit-in-place: "true"
 spec:
   ingressClassName: {{ .Values.ui.ingressClassName }}
   tls:
   - hosts:
     - accounts-ui.{{ .Values.ui.domain }}
     secretName: cert-accounts-ui.{{ .Values.ui.domain }}
-    # secretName: cert-wildcard.{{ .Values.ui.domain }}
   rules:
   - host: accounts-ui.{{ .Values.ui.domain }}
     http:
@@ -62,10 +58,6 @@
       - name: config
         configMap:
           name: {{ .Values.ui.nebula.lighthouse.name }}
-      hostAliases:
-      - ip: "111.0.0.1"
-        hostnames:
-          - "hydra.{{ .Values.ui.internalDomain }}"
       containers:
       - name: server
         image: giolekva/auth-ui:latest