do not create cert twice

This commit is contained in:
jerger 2022-07-06 08:21:27 +02:00
parent d9691bee9c
commit 997ecf5305
3 changed files with 12 additions and 12 deletions

View file

@ -25,10 +25,10 @@
"gitea/appini-configmap.yaml" (rc/inline "gitea/appini-configmap.yaml")
"gitea/appini-env-configmap.yaml" (rc/inline "gitea/appini-env-configmap.yaml")
"gitea/deployment.yaml" (rc/inline "gitea/deployment.yaml")
"gitea/certificate.yaml" (rc/inline "gitea/certificate.yaml")
"gitea/ingress.yaml" (rc/inline "gitea/ingress.yaml")
"gitea/services.yaml" (rc/inline "gitea/services.yaml")
"gitea/volumes.yaml" (rc/inline "gitea/volumes.yaml")
"gitea/certificate.yaml" (rc/inline "gitea/certificate.yaml")
"gitea/volumes.yaml" (rc/inline "gitea/volumes.yaml")
(throw (js/Error. "Undefined Resource!")))))
#?(:cljs
@ -48,12 +48,9 @@
(defn-spec generate-ingress pred/map-or-seq?
[config config?]
(let [{:keys [fqdn issuer]
:or {issuer "staging"}} config
letsencrypt-issuer (name issuer)]
(let [{:keys [fqdn issuer]} config]
(->
(yaml/load-as-edn "gitea/ingress.yaml")
(assoc-in [:metadata :annotations :cert-manager.io/cluster-issuer] letsencrypt-issuer)
(cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
(defn-spec generate-certificate pred/map-or-seq?

View file

@ -4,8 +4,7 @@ metadata:
name: ingress-gitea
namespace: default
annotations:
kubernetes.io/ingress.class: "traefik"
cert-manager.io/cluster-issuer: ISSUER
ingress.kubernetes.io/ssl-redirect: "true"
spec:
tls:
- hosts:

View file

@ -19,8 +19,12 @@
:GITEA__server__ROOT_URL-c1 "https://",
:GITEA__server__ROOT_URL-c2 "https://test.com"}
(ct/map-diff (cut/generate-appini-env {})
(cut/generate-appini-env {:fqdn "test.com" :issuer "staging" :postgres-db-user "pg-user" :postgres-db-password "pg-pw"})))))
(cut/generate-appini-env {:fqdn "test.com"
:issuer "staging"
:postgres-db-user "pg-user"
:postgres-db-password "pg-pw"})))))
(deftest should-generate-ingress
(is (= {:hosts-c1 "abc.de", :hosts-c2 "test.com", :host-c1 "abc.de", :host-c2 "test.com"}
(ct/map-diff (cut/generate-ingress {:fqdn "abc.de"}) (cut/generate-ingress {:fqdn "test.com" :issuer "staging"})))))
(deftest should-generate-certificate
(is (= {:name-c2 "prod", :name-c1 "staging"}
(ct/map-diff (cut/generate-certificate {})
(cut/generate-certificate {:issuer "prod"})))))