diff --git a/CHANGELOG.md b/CHANGELOG.md deleted file mode 100644 index 2129668..0000000 --- a/CHANGELOG.md +++ /dev/null @@ -1,18 +0,0 @@ -# Changelog - -## [Unreleased] - -### Added - -- `.mailmap` to ease fetching contributors list (#19) -- `CHANGELOG.md` is now maintained - -### Changed - -- License the project under Apache 2.0 (#19) -- Bumped cert-manager to `1.14.5` -- Recommended Kubernetes version is now `v1.29` - -## [v0.0.1] - 2020-11-19 - -- Initial release diff --git a/README.md b/README.md index b61cfb7..af5c7d3 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,7 @@ cert-manager Webhook for Scaleway DNS is a ACME [webhook](https://cert-manager.i - A [Scaleway Access Key and a Scaleway Secret Key](https://www.scaleway.com/en/docs/generate-api-keys/) - A valid domain configured on [Scaleway DNS](https://www.scaleway.com/en/docs/scaleway-dns/) -- A Kubernetes cluster (v1.22+ recommended) +- A Kubernetes cluster (v1.29+ recommended) - [Helm 3](https://helm.sh/) [installed](https://helm.sh/docs/intro/install/) on your computer - cert-manager [deployed](https://cert-manager.io/docs/installation/) on the cluster @@ -31,6 +31,8 @@ helm install scaleway-webhook deploy/scaleway-webhook --set secret.accessKey= Refer to the chart's documentation for more configuration options. + ### How to use it **Note**: It uses the [cert-manager webhook system](https://cert-manager.io/docs/configuration/acme/dns01/webhook/). Everything after the issuer is configured is just cert-manager. You can find out more in [their documentation](https://cert-manager.io/docs/usage/). diff --git a/deploy/scaleway-webhook/Chart.yaml b/deploy/scaleway-webhook/Chart.yaml index e4aa579..4291ed7 100644 --- a/deploy/scaleway-webhook/Chart.yaml +++ b/deploy/scaleway-webhook/Chart.yaml @@ -1,5 +1,5 @@ -apiVersion: v1 -appVersion: "v0.0.1" +apiVersion: v2 +appVersion: "v0.1.0" description: Cert-Manager webhook for Scaleway name: scaleway-webhook -version: 0.0.1 +version: 0.1.0 diff --git a/deploy/scaleway-webhook/README.md b/deploy/scaleway-webhook/README.md new file mode 100644 index 0000000..b543a73 --- /dev/null +++ b/deploy/scaleway-webhook/README.md @@ -0,0 +1,51 @@ +# Scaleway Webhook + +Deploys the scaleway certmanager webhook. + +![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.1.0](https://img.shields.io/badge/AppVersion-v0.1.0-informational?style=flat-square) ![ChartVersion: 0.1.0](https://img.shields.io/badge/ChartVersion-0.1.0-informational?style=flat-square) + +## Installing the Chart + +To install the chart with the release name `scaleway-webhook` use the following: + +```sh +helm upgrade --install scaleway-webhook . +``` + +## Parameters + +### Configuration + +Configuration parameters. + +| Name | Description | Value | +| -------------------------------- | ------------------------------------------------ | ------------------------- | +| `groupName` | Name under which the webhook will be available | `acme.scaleway.com` | +| `certManager.namespace` | Namespace under which cert-manager is installed | `cert-manager` | +| `certManager.serviceAccountName` | Name of the cert-manager service account | `cert-manager` | +| `pki.caDuration` | Webhook ca duration | `43800h` | +| `pki.servingCertificateDuration` | Webhook certificate duration | `8760h` | +| `secret.accessKey` | Default scaleway access key (optional) | `""` | +| `secret.secretKey` | Default scaleway secret key (optional) | `""` | +| `secret.name` | Secret name for the default scaleway credentials | `scaleway-webhook-secret` | + + +### Common configuration + +Common parameters. + +| Name | Description | Value | +| ------------------------ | ------------------------------------------------- | ---------------------------------------- | +| `nameOverride` | Override charts name | `""` | +| `fullnameOverride` | Override charts and release name | `""` | +| `image.repository` | Repository for the webhook image | `scaleway/cert-manager-webhook-scaleway` | +| `image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `image.imagePullSecrets` | Image pull secrets | `[]` | +| `image.tag` | Tag for the webhook image, defaults to AppVersion | `""` | +| `service.type` | Service type exposing the webhook | `ClusterIP` | +| `service.port` | Service port exposing the webhook | `443` | +| `resources` | Resources definition | `{}` | +| `nodeSelector` | Node selector | `{}` | +| `tolerations` | Tolerations | `[]` | +| `affinity` | Affinities | `{}` | + diff --git a/deploy/scaleway-webhook/templates/deployment.yaml b/deploy/scaleway-webhook/templates/deployment.yaml index 31668bf..610aacb 100644 --- a/deploy/scaleway-webhook/templates/deployment.yaml +++ b/deploy/scaleway-webhook/templates/deployment.yaml @@ -8,7 +8,9 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} spec: - replicas: {{ .Values.replicaCount }} + replicas: 1 + strategy: + type: Recreate selector: matchLabels: app: {{ include "scaleway-webhook.name" . }} diff --git a/deploy/scaleway-webhook/values.yaml b/deploy/scaleway-webhook/values.yaml index 2dd1d87..3287cc0 100644 --- a/deploy/scaleway-webhook/values.yaml +++ b/deploy/scaleway-webhook/values.yaml @@ -1,30 +1,60 @@ +## @section Configuration +## +## @descriptionStart +## Configuration parameters. +## @descriptionEnd + +## @param groupName Name under which the webhook will be available groupName: acme.scaleway.com +## @param certManager.namespace Namespace under which cert-manager is installed +## @param certManager.serviceAccountName Name of the cert-manager service account certManager: namespace: cert-manager serviceAccountName: cert-manager -image: - repository: scaleway/cert-manager-webhook-scaleway - pullPolicy: IfNotPresent - imagePullSecrets: [] - -nameOverride: "" -fullnameOverride: "" - +## @param pki.caDuration Webhook ca duration +## @param pki.servingCertificateDuration Webhook certificate duration pki: caDuration: 43800h # 5y servingCertificateDuration: 8760h # 1y +## @param secret.accessKey Default scaleway access key (optional) +## @param secret.secretKey Default scaleway secret key (optional) +## @param secret.name Secret name for the default scaleway credentials secret: accessKey: "" secretKey: "" name: scaleway-webhook-secret +## @section Common configuration +## +## @descriptionStart +## Common parameters. +## @descriptionEnd + +## @param nameOverride Override charts name +## @param fullnameOverride Override charts and release name +nameOverride: "" +fullnameOverride: "" + +## @param image.repository Repository for the webhook image +## @param image.pullPolicy Image pull policy +## @param image.imagePullSecrets Image pull secrets +## @param image.tag Tag for the webhook image, defaults to AppVersion +image: + repository: scaleway/cert-manager-webhook-scaleway + pullPolicy: IfNotPresent + imagePullSecrets: [] + tag: "" + +## @param service.type Service type exposing the webhook +## @param service.port Service port exposing the webhook service: type: ClusterIP port: 443 +## @param resources Resources definition resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little @@ -37,8 +67,11 @@ resources: {} # cpu: 100m # memory: 128Mi +## @param nodeSelector Node selector nodeSelector: {} +## @param tolerations Tolerations tolerations: [] +## @param affinity Affinities affinity: {}