test cert-manager with webhook-solver

remove webhook
pinax-network · Sep 12, 2024 · 589df29 · 589df29
1 parent af752f4
commit 589df29
Show file tree

Hide file tree

Showing 4 changed files with 55 additions and 0 deletions.
diff --git a/Tiltfile b/Tiltfile
@@ -30,6 +30,20 @@ helm_remote('cilium',
             repo_url='https://helm.cilium.io')
 k8s_yaml('./test/cilium/dual-stack/crd-values.yaml')
 
+# Cert-manager
+helm_remote('cert-manager',
+            version="v1.15.3",
+            namespace="kube-system",
+            repo_name='jetstack',
+            set=['crds.enabled=true'],
+            repo_url='https://charts.jetstack.io')
+k8s_yaml('./test/cert-manager/clusterIssuer.yaml')
+
+helm_remote('cert-manager-webhook-pinax',
+            version="0.1.0",
+            namespace="kube-system",
+            repo_name='oci://ghcr.io/pinax-network/charts',
+            set=['certManager.namespace=kube-system'])
 
 # CoreDNS with updated RBAC
 k8s_yaml(helm(
@@ -82,3 +96,4 @@ k8s_yaml('./test/gateway-api/resources.yml')
 k8s_yaml('./test/gatewayclasses.yaml')
 k8s_yaml('./test/dual-stack/service-annotation.yml')
 k8s_yaml('./test/dual-stack/ingress-services.yml')
+k8s_yaml('./test/dual-stack/certificate.yaml')
diff --git a/test/cert-manager/clusterIssuer.yaml b/test/cert-manager/clusterIssuer.yaml
@@ -0,0 +1,16 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt-dns-01
+spec:
+  acme:
+    # Use Let's Encrypt staging server
+    server: https://acme-staging-v02.api.letsencrypt.org/directory
+    email: [email protected]
+    privateKeySecretRef:
+      name: letsencrypt-staging
+    solvers:
+      - dns01:
+          webhook:
+            groupName: acme.pinax.io
+            solverName: pinax-webhook-solver
diff --git a/test/dual-stack/certificate.yaml b/test/dual-stack/certificate.yaml
@@ -0,0 +1,12 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: myservicea-cert
+  namespace: default
+spec:
+  secretName: my-service-cert-secret
+  issuerRef:
+    name: letsencrypt-dns-01 # ClusterIssuer or Issuer name
+    kind: ClusterIssuer # Or Issuer, depending on your configuration
+  dnsNames:
+    - myservicea.foo.org
diff --git a/test/single-stack/certificate.yaml b/test/single-stack/certificate.yaml
@@ -0,0 +1,12 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: myservicea-cert
+  namespace: default
+spec:
+  secretName: my-service-cert-secret
+  issuerRef:
+    name: letsencrypt-dns-01 # ClusterIssuer or Issuer name
+    kind: ClusterIssuer # Or Issuer, depending on your configuration
+  dnsNames:
+    - myservicea.foo.org