cert-manager-webhook-linode

command module

v0.2.0 Latest Latest Go to latest Published: Jan 14, 2022 License: Apache-2.0 Imports: 17 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/slicen/cert-manager-webhook-linode

Links

Open Source Insights

README ¶

Cert-Manager ACME DNS01 Webhook Solver for Linode DNS Manager

A webhook to use Linode DNS Manager as a DNS01 ACME Issuer for cert-manager.

Installation

helm install cert-manager-webhook-linode \
  --namespace cert-manager \
  https://github.com/slicen/cert-manager-webhook-linode/releases/download/v0.2.0/cert-manager-webhook-linode-v0.2.0.tgz

Usage

Create Linode API Token Secret

kubectl create secret generic linode-credentials \
  --namespace=cert-manager \
  --from-literal=token=<LINODE TOKEN>

Create Issuer

Cluster-wide Linode API Token

apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt-staging
spec:
  acme:
    server: https://acme-staging-v02.api.letsencrypt.org/directory
    email: example@example.com
    privateKeySecretRef:
      name: letsencrypt-staging
    solvers:
    - dns01:
      webhook:
        solverName: linode
        groupName: acme.slicen.me

By default, the Linode API token used will be obtained from the linode-credentials Secret in the same namespace as the webhook.

Per Namespace Linode API Tokens

If you would prefer to use separate Linode API tokens for each namespace (e.g. in a multi-tenant environment):

apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
  name: letsencrypt-staging
  namespace: default
spec:
  acme:
    server: https://acme-staging-v02.api.letsencrypt.org/directory
    email: example@example.com
    privateKeySecretRef:
      name: letsencrypt-staging
    solvers:
    - dns01:
      webhook:
        solverName: linode
        groupName: acme.slicen.me
        config:
          apiKeySecretRef:
            name: linode-credentials
            key: token

Development

Running the test suite

Conformance testing is achieved through Kubernetes emulation via the kubebuilder-tools suite, in conjunction with real calls to the Linode API on an test domain, using a valid API token.

The test configures a cert-manager-dns01-tests TXT entry, attempts to verify its presence, and removes the entry, thereby verifying the Prepare and CleanUp functions.

Run the test suite with:

./scripts/fetch-test-binaries.sh
export LINODE_TOKEN=$(echo -n "<your API token>" | base64 -w 0)
envsubst < testdata/linode/secret.yaml.example > testdata/linode/secret.yaml
TEST_ZONE_NAME=yourdomain.com. make verify

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL