yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: enable setting ssl common name 

template, documentation, default values.yaml for value
ssl.Commonname to support vault-issuer
vault-issuer (k8s clusterIssuer) requires CN to be set by default

closes: emqx#11199
This commit is contained in:
dounix 2023-07-06 10:59:13 -04:00
parent 353cc065db
commit f415af7225
6 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
deploy/charts/emqx-enterprise/README.md
View File

@ -100,6 +100,7 @@ The following table lists the configurable parameters of the emqx chart and thei
| `ssl.useExisting` | Use existing certificate or let cert-manager generate one | false | | `ssl.useExisting` | Use existing certificate or let cert-manager generate one | false |
| `ssl.existingName` | Name of existing certificate | emqx-tls | | `ssl.existingName` | Name of existing certificate | emqx-tls |
| `ssl.dnsnames` | DNS name(s) for certificate to be generated | {} | | `ssl.dnsnames` | DNS name(s) for certificate to be generated | {} |
| `ssl.commonName` | Common name for or certificate to be generated | |
| `ssl.issuer.name` | Issuer name for certificate generation | letsencrypt-dns | | `ssl.issuer.name` | Issuer name for certificate generation | letsencrypt-dns |
| `ssl.issuer.kind` | Issuer kind for certificate generation | ClusterIssuer | | `ssl.issuer.kind` | Issuer kind for certificate generation | ClusterIssuer |

3
deploy/charts/emqx-enterprise/templates/certificate.yaml
View File

@ -9,6 +9,9 @@ spec:
issuerRef: issuerRef:
name: {{ default "letsencrypt-staging" .Values.ssl.issuer.name }} name: {{ default "letsencrypt-staging" .Values.ssl.issuer.name }}
kind: {{ default "ClusterIssuer" .Values.ssl.issuer.kind }} kind: {{ default "ClusterIssuer" .Values.ssl.issuer.kind }}
{{- if .Values.ssl.commonName }}
commonName: {{ .Values.ssl.commonName }}
{{- end }}
dnsNames: dnsNames:
{{- range .Values.ssl.dnsnames }} {{- range .Values.ssl.dnsnames }}
- {{ . }} - {{ . }}

1
deploy/charts/emqx-enterprise/values.yaml
View File

@ -237,6 +237,7 @@ ssl:
useExisting: false useExisting: false
existingName: emqx-tls existingName: emqx-tls
dnsnames: [] dnsnames: []
commonName:
issuer: issuer:
name: letsencrypt-dns name: letsencrypt-dns
kind: ClusterIssuer kind: ClusterIssuer

1
deploy/charts/emqx/README.md
View File

@ -99,6 +99,7 @@ The following table lists the configurable parameters of the emqx chart and thei
| `ssl.enabled` | Enable SSL support | false | | `ssl.enabled` | Enable SSL support | false |
| `ssl.useExisting` | Use existing certificate or let cert-manager generate one | false | | `ssl.useExisting` | Use existing certificate or let cert-manager generate one | false |
| `ssl.existingName` | Name of existing certificate | emqx-tls | | `ssl.existingName` | Name of existing certificate | emqx-tls |
| `ssl.commonName` | Common name for or certificate to be generated | |
| `ssl.dnsnames` | DNS name(s) for certificate to be generated | {} | | `ssl.dnsnames` | DNS name(s) for certificate to be generated | {} |
| `ssl.issuer.name` | Issuer name for certificate generation | letsencrypt-dns | | `ssl.issuer.name` | Issuer name for certificate generation | letsencrypt-dns |
| `ssl.issuer.kind` | Issuer kind for certificate generation | ClusterIssuer | | `ssl.issuer.kind` | Issuer kind for certificate generation | ClusterIssuer |

3
deploy/charts/emqx/templates/certificate.yaml
View File

@ -9,6 +9,9 @@ spec:
issuerRef: issuerRef:
name: {{ default "letsencrypt-staging" .Values.ssl.issuer.name }} name: {{ default "letsencrypt-staging" .Values.ssl.issuer.name }}
kind: {{ default "ClusterIssuer" .Values.ssl.issuer.kind }} kind: {{ default "ClusterIssuer" .Values.ssl.issuer.kind }}
{{- if .Values.ssl.commonName }}
commonName: {{ .Values.ssl.commonName }}
{{- end }}
dnsNames: dnsNames:
{{- range .Values.ssl.dnsnames }} {{- range .Values.ssl.dnsnames }}
- {{ . }} - {{ . }}

1
deploy/charts/emqx/values.yaml
View File

@ -240,6 +240,7 @@ ssl:
useExisting: false useExisting: false
existingName: emqx-tls existingName: emqx-tls
dnsnames: [] dnsnames: []
commonName:
issuer: issuer:
name: letsencrypt-dns name: letsencrypt-dns
kind: ClusterIssuer kind: ClusterIssuer