Skip to content

Commit

Permalink
built workaround for default certificate
Browse files Browse the repository at this point in the history
  • Loading branch information
Thomas Schuetz committed Jul 23, 2020
1 parent a3f1602 commit 91ffe22
Showing 1 changed file with 25 additions and 2 deletions.
27 changes: 25 additions & 2 deletions install-keptn-on-k3s.sh
Original file line number Diff line number Diff line change
Expand Up @@ -36,13 +36,14 @@ function create_namespace {

function check_delete_secret {
secret="${1:-none}"
namespace="${2:-keptn}"
if [[ "${secret}" == "none" ]]; then
echo "No Secret given"
exit 1
fi

if [[ $("${K3SKUBECTL[@]}" get secret "$secret" -n keptn) ]]; then
"${K3SKUBECTL[@]}" delete secret "$secret" -n keptn
if [[ $("${K3SKUBECTL[@]}" get secret "$secret" -n "$namespace") ]]; then
"${K3SKUBECTL[@]}" delete secret "$secret" -n "$namespace"
fi

}
Expand Down Expand Up @@ -159,6 +160,24 @@ spec:
selfSigned: {}
EOF

check_delete_secret traefik-default-cert kube-system

cat << EOF | apply_manifest -
apiVersion: cert-manager.io/v1alpha2
kind: Certificate
metadata:
name: traefik-default
namespace: kube-system
spec:
secretName: traefik-default-cert
issuerRef:
name: selfsigned-issuer
kind: ClusterIssuer
dnsNames:
- ${MY_IP}
EOF


if [[ "$CERTS" == "letsencrypt" ]]; then
if [[ "$LE_STAGE" == "production" ]]; then
ACME_SERVER="https://acme-v02.api.letsencrypt.org/directory"
Expand All @@ -185,6 +204,10 @@ spec:
class: traefik
EOF
fi
"${K3SKUBECTL[@]}" rollout restart deployment traefik -n kube-system
echo "Waiting for Traefik to restart"
"${K3SKUBECTL[@]}" wait --namespace=kube-system --for=condition=Ready pods --timeout=300s -l app=traefik

}

function install_keptn {
Expand Down

0 comments on commit 91ffe22

Please sign in to comment.