1 {{- if and ( .Capabilities.APIVersions.Has "cert-manager.io/v1" ) .Values.certificates.enabled -}}
3 {{- $genericCertificateConfig := dict -}}
4 {{- $_ := set $genericCertificateConfig "fullName" (include "kong.fullname" .) -}}
5 {{- $_ := set $genericCertificateConfig "namespace" (include "kong.namespace" .) -}}
6 {{- $_ := set $genericCertificateConfig "metaLabels" (include "kong.metaLabels" .) -}}
7 {{- $_ := set $genericCertificateConfig "globalIssuer" .Values.certificates.issuer -}}
8 {{- $_ := set $genericCertificateConfig "globalClusterIssuer" .Values.certificates.clusterIssuer -}}
9 {{- $_ := set $genericCertificateConfig "globalSubject" .Values.certificates.subject -}}
10 {{- $_ := set $genericCertificateConfig "globalPrivateKey" .Values.certificates.privateKey -}}
11 {{- $_ := set $genericCertificateConfig "defaultIssuer" (printf "%s-%s-%s" .Release.Name .Chart.Name "selfsigned-issuer") -}}
13 {{- if .Values.certificates.admin.enabled }}
14 {{- $certificateConfig := mustMerge (mustDeepCopy $genericCertificateConfig) .Values.certificates.admin -}}
15 {{- $_ := set $certificateConfig "serviceName" "admin" -}}
16 {{- include "kong.certificate" $certificateConfig -}}
19 {{- if (and .Values.certificates.portal.enabled .Values.enterprise.enabled) }}
20 {{- $certificateConfig := mustMerge (mustDeepCopy $genericCertificateConfig) .Values.certificates.portal -}}
21 {{- $_ := set $certificateConfig "serviceName" "portal" -}}
22 {{- include "kong.certificate" $certificateConfig -}}
25 {{- if .Values.certificates.proxy.enabled }}
26 {{- $certificateConfig := mustMerge (mustDeepCopy $genericCertificateConfig) .Values.certificates.proxy -}}
27 {{- $_ := set $certificateConfig "serviceName" "proxy" -}}
28 {{- include "kong.certificate" $certificateConfig -}}
31 {{- if .Values.certificates.cluster.enabled }}
32 {{- $certificateConfig := dict -}}
33 {{- $certificateConfig = mustMerge (mustDeepCopy $genericCertificateConfig) .Values.certificates.cluster -}}
34 {{- $_ := set $certificateConfig "serviceName" "cluster" -}}
35 {{- include "kong.certificate" $certificateConfig -}}
40 {{- define "kong.certificate" }}
42 apiVersion: cert-manager.io/v1
45 name: {{ .fullName }}-{{ .serviceName }}
46 namespace: {{ .namespace }}
48 {{- .metaLabels | nindent 4 }}
50 secretName: {{ .fullName }}-{{ .serviceName }}-cert
51 commonName: {{ .commonName }}
53 {{- range (append .dnsNames .commonName) }}
60 {{- toYaml .subject | nindent 4 }}
61 {{ else if .globalSubject -}}
63 {{- toYaml .globalSubject | nindent 4 }}
67 {{- toYaml .privateKey | nindent 4 }}
68 {{ else if .globalPrivateKey -}}
70 {{- toYaml .globalPrivateKey | nindent 4 }}
72 {{ if .clusterIssuer -}}
74 name: {{ .clusterIssuer }}
76 {{ else if .issuer -}}
80 {{ else if .globalClusterIssuer -}}
82 name: {{ .globalClusterIssuer}}
84 {{ else if .globalIssuer -}}
86 name: {{ .globalIssuer }}