Giter Site home page Giter Site logo

kr1kr1 / cert-manager-webhook-scaleway Goto Github PK

View Code? Open in Web Editor NEW

This project forked from scaleway/cert-manager-webhook-scaleway

0.0 0.0 0.0 69 KB

A Scaleway DNS ACME webhook for cert-manager

Go 78.44% Makefile 8.25% Dockerfile 3.90% Mustache 9.40%

cert-manager-webhook-scaleway's Introduction

cert-manager Webhook for Scaleway DNS

cert-manager Webhook for Scaleway DNS is a ACME webhook for cert-manager allowing users to use Scaleway DNS for DNS01 challenge.

Getting started

Prerequisites

Installing

Once everything is set up, you can now install the Scaleway Webhook:

  • Clone this repository:
git clone https://github.com/scaleway/cert-manager-webhook-scaleway.git
  • Run:
helm install scaleway-webhook deploy/scaleway-webhook
  • Alternatively, you can install the webhook with default credentials with:
helm install scaleway-webhook deploy/scaleway-webhook --set secret.accessKey=<YOUR-ACCESS-KEY> --set secret.secretKey=<YOUR-SECRET_KEY>

The Scaleway Webhook is now installed! ๐ŸŽ‰

How to use it

Note: It uses the cert-manager webhook system. Everything after the issuer is configured is just cert-manager. You can find out more in their documentation.

Now that the webhook is installed, here is how to use it. Let's say you need a certificate for example.com (should be registered in Scaleway DNS).

First step is to create a secret containing the Scaleway Access and Secret keys. Create the scaleway-secret.yaml file with the following content: (Only needed if you don't have default credentials as seen above).

apiVersion: v1
stringData:
  SCW_ACCESS_KEY: <YOUR-SCALEWAY-ACCESS-KEY>
  SCW_SECRET_KEY: <YOUR-SCALEWAY-SECRET-KEY>
kind: Secret
metadata:
  name: scaleway-secret
type: Opaque

And run:

kubectl create -f scaleway-secret.yaml

Next step is to create a cert-manager Issuer. Create a issuer.yaml file with the following content:

apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
  name: my-scaleway-issuer
spec:
  acme:
    email: [email protected]
    # this is the acme staging URL
    server: https://acme-staging-v02.api.letsencrypt.org/directory
    # for production use this URL instead
    # server: https://acme-v02.api.letsencrypt.org/directory
    privateKeySecretRef:
      name: my-scaleway-private-key-secret
    solvers:
    - dns01:
        webhook:
          groupName: acme.scaleway.com
          solverName: scaleway
          config:
            # Only needed if you don't have default credentials as seen above.
            accessKeySecretRef:
              key: SCW_ACCESS_KEY
              name: scaleway-secret
            secretKeySecretRef:
              key: SCW_SECRET_KEY
              name: scaleway-secret

And run:

kubectl create -f issuer.yaml

Finally, you can now create the Certificate object for example.com. Create a certificate.yaml file with the following content:

apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: example-com
spec:
  dnsNames:
  - example.com
  issuerRef:
    name: my-scaleway-issuer
  secretName: example-com-tls

And run:

kubectl create -f certificate.yaml

After some seconds, you should see the certificate as ready:

$ kubectl get certificate example-com
NAME          READY   SECRET            AGE
example-com   True    example-com-tls   1m12s

Your certificate is now available in the example-com-tls secret!

Integration testing

Before running the test, you need:

  • A valid domain on Scaleway DNS (here example.com)
  • The variables SCW_ACCESS_KEY and SCW_SECRET_KEY valid and in the environment

In order to run the integration tests, run:

TEST_ZONE_NAME=example.com make test

cert-manager-webhook-scaleway's People

Contributors

sh4d1 avatar sgtcodfish avatar tacy-octo avatar remyleone avatar vincentfretin avatar dependabot[bot] avatar paulden avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.