Allow User to specify custom cluster-issuer (#1332)

Implemented variable and defaults for cluster-issuer to allow users to specify, if needed, their own cluster issuer. (eg. installations with only outbound traffic that cannot solve ACME https challenge)
2023-11-04 21:29:17 +01:00 · 2023-11-04 21:29:17 +01:00 · 0b8bbcf8e6
commit 0b8bbcf8e6
parent 4998274ab0
2 changed files with 6 additions and 1 deletions
--- a/chart/templates/ingress.yaml
+++ b/chart/templates/ingress.yaml
@ -12,7 +12,7 @@ metadata:
    nginx.ingress.kubernetes.io/proxy-request-buffering: "off"
    nginx.ingress.kubernetes.io/proxy-buffering: "off"
    {{- if .Values.ingress.tls }}
-    cert-manager.io/cluster-issuer: "cert-main"
+    cert-manager.io/cluster-issuer: {{ .Values.ingress.custom_cluster_issuer | default "cert-main" }}
    {{- end }}
    nginx.ingress.kubernetes.io/upstream-vhost: "{{ .Values.ingress.host }}"
    nginx.ingress.kubernetes.io/configuration-snippet: |
@ -78,6 +78,7 @@ spec:


 {{ if .Values.ingress.tls }}
+{{ if not .Values.ingress.custom_cluster_issuer }}
 ---

 apiVersion: cert-manager.io/v1
@ -103,3 +104,4 @@ spec:

 {{ end }}
 {{ end }}
+{{ end }}
--- a/chart/values.yaml
+++ b/chart/values.yaml
@ -304,10 +304,13 @@ ingress:
  #host: ""
  cert_email: "test@example.com"
  tls: false
+  # Optional: Uncomment to use your own cluster-issuer instead of default ACME https validation
+  # custom_cluster_issuer: custom_cluster_issuer-name

 ingress_class: nginx


+
 # Signing Options
 # =========================================
 # optionally enable signer