Updated chart templates and added apikey in main.go

2024-03-23 22:18:34 +02:00 · 2024-03-23 22:18:34 +02:00 · 575340257e
commit 575340257e
parent 3ef6bc6ad0
4 changed files with 16 additions and 12 deletions
--- a/deploy/sthome-webhook/templates/_helpers.tpl
+++ b/deploy/sthome-webhook/templates/_helpers.tpl
@ -46,3 +46,10 @@ Create chart name and version as used by the chart label.
 {{- define "sthome-webhook.servingCertificate" -}}
 {{ printf "%s-webhook-tls" (include "sthome-webhook.fullname" .) }}
 {{- end -}}
+
+{{/*
+Create base64 imagePullSecret using username and password.
+*/}}
+{{- define "imagePullSecret" }}
+{{- printf "{\"auths\": {\"%s\": {\"auth\": \"%s\"}}}" .Values.imageCredentials.registry (printf "%s:%s" .Values.imageCredentials.username .Values.imageCredentials.password | b64enc) | b64enc }}
+{{- end }}
--- a/deploy/sthome-webhook/templates/deployment.yaml
+++ b/deploy/sthome-webhook/templates/deployment.yaml
@ -21,12 +21,12 @@ spec:
        release: {{ .Release.Name }}
    spec:
      serviceAccountName: {{ include "sthome-webhook.fullname" . }}
+      imagePullSecrets:
+      - name: {{ .Values.imageCredentials.name }}
      containers:
        - name: {{ .Chart.Name }}
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
          imagePullPolicy: {{ .Values.image.pullPolicy }}
-          imagePullSecrets:
-            - name: {{ .Values.image.imagePullSecrets.name }}
          args:
            - --tls-cert-file=/tls/tls.crt
            - --tls-private-key-file=/tls/tls.key
--- a/deploy/sthome-webhook/values.yaml
+++ b/deploy/sthome-webhook/values.yaml
@ -15,9 +15,11 @@ certManager:
 image:
  repository: stuurmcp/cert-manager-webhook-sthome
  tag: 0.0.1
-  pullPolicy: IfNotPresent
-  imagePullSecrets: 
-    name: regcred-secret
+  #pullPolicy should be IfNotPresent. Set to Always for testing purposes
+  pullPolicy: Always
+
+imageCredentials: 
+  name: docker-registry-credentials

 nameOverride: ""
 fullnameOverride: ""
--- a/main.go
+++ b/main.go
@ -9,6 +9,7 @@ import (
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/rest"

+	cmmetav1 "github.com/cert-manager/cert-manager/pkg/apis/meta/v1"
 	"github.com/cert-manager/cert-manager/pkg/acme/webhook/apis/acme/v1alpha1"
 	"github.com/cert-manager/cert-manager/pkg/acme/webhook/cmd"
 	"github.com/cert-manager/cert-manager/pkg/issuer/acme/dns/util"
@ -24,12 +25,6 @@ func main() {
 	if GroupName == "" {
 		panic("GROUP_NAME must be specified")
 	}
-
-	// This will register our sthome DNS provider with the webhook serving
-	// library, making it available as an API under the provided GroupName.
-	// You can register multiple DNS provider implementations with a single
-	// webhook, where the Name() method will be used to disambiguate between
-	// the different implementations.
 	cmd.RunWebhookServer(GroupName,
 		&sthomeDNSProviderSolver{},
 	)
@ -70,7 +65,7 @@ type sthomeDNSProviderConfig struct {
 	// `issuer.spec.acme.dns01.providers.webhook.config` field.

 	Email string `json:"email"`
-	//APIKeySecretRef v1alpha1.SecretKeySelector `json:"apiKeySecretRef"`
+	APIKeySecretRef cmmetav1.SecretKeySelector `json:"apiKeySecretRef"`
 }

 // Name is used as the name for this DNS solver when referencing it on the ACME