Create Certs
DmitryDodzin committed Apr 14, 2024
1 parent 36b9965 commit 7731712
Showing 3 changed files with 40 additions and 2 deletions.
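--- a/.github/workflows/ca.conf
+++ b/.github/workflows/ca.conf
@@ -0,0 +1,12 @@
+basicConstraints = CA:TRUE
+keyUsage = cRLSign, keyCertSign
+
+[req]
+distinguished_name = req_distinguished_name
+prompt = no
+
+[req_distinguished_name]
+C = US
+O = MetalBear
+emailAddress = [email protected]
+CN = ci.metalbear.co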
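Review bot: `basicConstraints` and `keyUsage` sit above `[req]`, in the config's unnamed default section, and `[req]` names no `x509_extensions` section, so `openssl req -x509 -config ca.conf` has nothing telling it to apply them; as far as this file shows, `ca.crt` may be issued without `CA:TRUE`. Clients that enforce basic constraints on issuers would then reject the operator's chain. I would move the two lines under a `[v3_ca]` section, mark the constraint critical (`basicConstraints = critical, CA:TRUE`), and add `x509_extensions = v3_ca` to `[req]`. A one-line comment at the top stating that this CA is generated per CI run and must never be trusted outside the test cluster would also help.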
11 changes: 9 additions & 2 deletions .github/workflows/ci.yaml
Expand Up @@ -33,5 +33,12 @@ jobs:
cpus: 'max'
memory: '4gb'
- uses: azure/[email protected]
- uses: kofemann/[email protected]
- run: helm install mirrord-operator --set license.file.data."license\\.pem"=$MIRRORD_OPERATOR_LICENSE --set operator.disableTelemetries=true --set tls.data."tls\\.key"="$(cat ./hostkey.pem)" --set tls.data."tls\\.crt"="$(cat ./hostcert.pem)" ./mirrord-operator
- run: |
openssl genrsa -out ca.key 4096
openssl genrsa -out tls.key 4096
openssl req -x509 -new -sha512 -nodes -key ./ca.key -days 7307 -out ./ca.crt -config ./.github/workflows/ca.conf
openssl req -new -key ./tls.key -out ./tls.csr -config ./.github/workflows/tls.conf
openssl x509 -req -in ./tls.csr -CA ./ca.crt -CAkey ./ca.key \
-CAcreateserial -out ./tls.crt -days 10000 \
-extensions v3_req -extfile ./.github/workflows/tls.conf
- run: helm install mirrord-operator --set license.file.data."license\\.pem"=$MIRRORD_OPERATOR_LICENSE --set operator.disableTelemetries=true --set tls.data."tls\\.key"="$(cat tls.key)" tls.data."tls\\.crt"="$(cat tls.crt)" ./mirrord-operator
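Review bot: The new `helm install` line is missing `--set` before `tls.data."tls\\.crt"=...`, so that token is parsed as a positional argument rather than a value and the certificate is not passed to the chart (helm will most likely reject the extra argument). Reading the files with `--set-file tls.data."tls\\.key"=./tls.key --set-file tls.data."tls\\.crt"=./tls.crt` fixes this and also keeps the private key out of the process argument list. Separately, `-days 7307` and `-days 10000` are far longer than a CI run needs; a validity of a few days limits the damage if `ca.key` or `tls.key` ever leaves the runner, for example through an artifact upload. The job definition starts above this hunk.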
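--- a/.github/workflows/tls.conf
+++ b/.github/workflows/tls.conf
@@ -0,0 +1,19 @@
+[req]
+default_bits = 2048
+prompt = no
+default_md = sha256
+x509_extensions = v3_req
+distinguished_name = dn
+
+[dn]
+C = US
+O = MetalBear
+emailAddress = [email protected]
+CN = ci.metalbear.co
+
+[v3_req]
+subjectAltName = @alt_names
+
+[alt_names]
+DNS.1 = mirrord-operator.mirrord.svc
+DNS.2 = mirrord-operator.mirrord.svc.cluster.local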
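Review bot: `[v3_req]` sets only `subjectAltName`, so the leaf certificate signed in ci.yaml carries no usage constraints. Adding `basicConstraints = CA:FALSE`, `keyUsage = digitalSignature, keyEncipherment` and `extendedKeyUsage = serverAuth` restricts it to serving TLS for the two operator DNS names. `default_bits = 2048` is unused because the workflow generates `tls.key` with 4096 bits beforehand, and `x509_extensions` only applies to `req -x509`; the CSR-side key would be `req_extensions`. Both can be dropped or commented so the file reflects what actually takes effect.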
