Add acme provisioner;Force system certs update
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
Danny Bessems 2022-08-25 08:22:28 +02:00
parent 9a3898e0b8
commit 1c43bb19d2
2 changed files with 9 additions and 0 deletions

View File

@ -159,6 +159,7 @@
--fingerprint={{ stepca_configmap.resources[0].data['defaults.json'] | from_json | json_query('fingerprint') }} \
--install \
--force
update-ca-certificates
- name: Install harbor chart
kubernetes.core.helm:

View File

@ -69,6 +69,14 @@ components:
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sed '/:/!s/$/:latest/' | sort -u
chart_values: !unsafe |
ca:
bootstrap:
postInitHook: |
echo '{{ vapp["guestinfo.rootpw"] }}' > ~/pwfile
step ca provisioner add acme \
--type ACME \
--password-file=~/pwfile \
--force-cn
rm ~/pwfile
dns: ca.{{ vapp['metacluster.fqdn'] }},step-certificates.step-ca.svc.cluster.local,127.0.0.1
password: "{{ vapp['guestinfo.rootpw'] }}"
provisioner: