forked from suse-edge/Factory
42 lines
1.1 KiB
YAML
42 lines
1.1 KiB
YAML
|
{{- if and (.Values.operator.enableAdmissionController) (.Values.cert_manager) -}}
|
||
|
{{- if not (.Capabilities.APIVersions.Has "cert-manager.io/v1") -}}
|
||
|
{{- required "cert-manager is required but not found" "" -}}
|
||
|
{{- end -}}
|
||
|
apiVersion: cert-manager.io/v1
|
||
|
kind: Issuer
|
||
|
metadata:
|
||
|
name: sriov-network-operator-selfsigned-issuer
|
||
|
namespace: {{ .Release.Namespace }}
|
||
|
spec:
|
||
|
selfSigned: {}
|
||
|
---
|
||
|
apiVersion: cert-manager.io/v1
|
||
|
kind: Certificate
|
||
|
metadata:
|
||
|
name: operator-webhook-service
|
||
|
namespace: {{ .Release.Namespace }}
|
||
|
spec:
|
||
|
secretName: operator-webhook-service
|
||
|
dnsNames:
|
||
|
- operator-webhook-service.{{ .Release.Namespace }}.svc
|
||
|
issuerRef:
|
||
|
name: sriov-network-operator-selfsigned-issuer
|
||
|
privateKey:
|
||
|
rotationPolicy: Always
|
||
|
---
|
||
|
apiVersion: cert-manager.io/v1
|
||
|
kind: Certificate
|
||
|
metadata:
|
||
|
name: network-resources-injector-service
|
||
|
namespace: {{ .Release.Namespace }}
|
||
|
spec:
|
||
|
secretName: network-resources-injector-secret
|
||
|
dnsNames:
|
||
|
- network-resources-injector-service.{{ .Release.Namespace }}.svc
|
||
|
issuerRef:
|
||
|
name: sriov-network-operator-selfsigned-issuer
|
||
|
privateKey:
|
||
|
rotationPolicy: Always
|
||
|
{{- end -}}
|
||
|
|