sigs.k8s.io/kubebuilder/v3@v3.14.0/pkg/plugins/common/kustomize/v1/scaffolds/internal/templates/config/certmanager/certificate.go

sigs.k8s.io/kubebuilder/v3@v3.14.0/pkg/plugins/common/kustomize/v1/scaffolds/internal/templates/config/certmanager/certificate.go (about)

     1  /*
     2  Copyright 2020 The Kubernetes Authors.
     3  
     4  Licensed under the Apache License, Version 2.0 (the "License");
     5  you may not use this file except in compliance with the License.
     6  You may obtain a copy of the License at
     7  
     8      http://www.apache.org/licenses/LICENSE-2.0
     9  
    10  Unless required by applicable law or agreed to in writing, software
    11  distributed under the License is distributed on an "AS IS" BASIS,
    12  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  See the License for the specific language governing permissions and
    14  limitations under the License.
    15  */
    16  
    17  package certmanager
    18  
    19  import (
    20  	"path/filepath"
    21  
    22  	"sigs.k8s.io/kubebuilder/v3/pkg/machinery"
    23  )
    24  
    25  var _ machinery.Template = &Certificate{}
    26  
    27  // Certificate scaffolds a file that defines the issuer CR and the certificate CR
    28  type Certificate struct {
    29  	machinery.TemplateMixin
    30  	machinery.ProjectNameMixin
    31  }
    32  
    33  // SetTemplateDefaults implements file.Template
    34  func (f *Certificate) SetTemplateDefaults() error {
    35  	if f.Path == "" {
    36  		f.Path = filepath.Join("config", "certmanager", "certificate.yaml")
    37  	}
    38  
    39  	f.TemplateBody = certManagerTemplate
    40  
    41  	// If file exists (ex. because a webhook was already created), skip creation.
    42  	f.IfExistsAction = machinery.SkipFile
    43  
    44  	return nil
    45  }
    46  
    47  const certManagerTemplate = `# The following manifests contain a self-signed issuer CR and a certificate CR.
    48  # More document can be found at https://docs.cert-manager.io
    49  # WARNING: Targets CertManager v1.0. Check https://cert-manager.io/docs/installation/upgrading/ for breaking changes.
    50  apiVersion: cert-manager.io/v1
    51  kind: Issuer
    52  metadata:
    53    labels:
    54      app.kubernetes.io/name: issuer
    55      app.kubernetes.io/instance: selfsigned-issuer
    56      app.kubernetes.io/component: certificate
    57      app.kubernetes.io/created-by: {{ .ProjectName }}
    58      app.kubernetes.io/part-of: {{ .ProjectName }}
    59      app.kubernetes.io/managed-by: kustomize
    60    name: selfsigned-issuer
    61    namespace: system
    62  spec:
    63    selfSigned: {}
    64  ---
    65  apiVersion: cert-manager.io/v1
    66  kind: Certificate
    67  metadata:
    68    labels:
    69      app.kubernetes.io/name: certificate
    70      app.kubernetes.io/instance: serving-cert
    71      app.kubernetes.io/component: certificate
    72      app.kubernetes.io/created-by: {{ .ProjectName }}
    73      app.kubernetes.io/part-of: {{ .ProjectName }}
    74      app.kubernetes.io/managed-by: kustomize
    75    name: serving-cert  # this name should match the one appeared in kustomizeconfig.yaml
    76    namespace: system
    77  spec:
    78    # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize
    79    dnsNames:
    80    - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc
    81    - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local
    82    issuerRef:
    83      kind: Issuer
    84      name: selfsigned-issuer
    85    secretName: webhook-server-cert # this secret will not be prefixed, since it's not managed by kustomize
    86  `