chore: propose some changes
lentidas committed Nov 9, 2023
1 parent a2b2b6f commit afff978
Showing 9 changed files with 51 additions and 28 deletions.
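--- a/aks/outputs.tf
+++ b/aks/outputs.tf
@@ -3,7 +3,7 @@ output "id" {
 value = module.cert-manager.id
 }
 
-output "issuers" {
-description = "List of issuers created by cert-manager"
-value = module.cert-manager.issuers
+output "cluster_issuers" {
+description = "List of cluster issuers created by cert-manager."
+value = module.cert-manager.cluster_issuers
 }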
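--- a/eks/outputs.tf
+++ b/eks/outputs.tf
@@ -3,7 +3,7 @@ output "id" {
 value = module.cert-manager.id
 }
 
-output "issuers" {
-description = "List of issuers created by cert-manager"
-value = module.cert-manager.issuers
+output "cluster_issuers" {
+description = "List of cluster issuers created by cert-manager."
+value = module.cert-manager.cluster_issuers
 }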
2 changes: 1 addition & 1 deletion locals.tf
@@ -1,7 +1,7 @@
locals {
issuers = {
letsencrypt = {
prod = {
production = {
name = "letsencrypt-prod"
email = "[email protected]"
server = "https://acme-v02.api.letsencrypt.org/directory"
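--- a/outputs.tf
+++ b/outputs.tf
@@ -3,7 +3,15 @@ output "id" {
 value = resource.null_resource.this.id
 }
 
-output "issuers" {
-description = "List of issuers created by cert-manager"
-value = local.issuers
+output "cluster_issuers" {
+description = "List of cluster issuers created by cert-manager."
+value = merge({
+default = "selfsigned-issuer"
+}, {
+for issuer_id, issuer in { ca = "ca-issuer" } : issuer_id => issuer
+if can(var.helm_values[0].cert-manager.tlsCrt) && can(var.helm_values[0].cert-manager.tlsKey)
+}, {
+for issuer_id, issuer in local.issuers.letsencrypt : issuer_id => issuer.name
+if var.helm_values[0].cert-manager.clusterIssuers.letsencrypt.enabled
+})
 }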
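Review bot: The Let's Encrypt filter in `cluster_issuers` reads `var.helm_values[0].cert-manager.clusterIssuers.letsencrypt.enabled` without a guard, while the `ca` branch just above wraps its lookups in `can()`; a caller whose first `helm_values` element lacks that path would presumably get a plan-time error rather than an output without the Let's Encrypt issuers. Consider `if try(var.helm_values[0].cert-manager.clusterIssuers.letsencrypt.enabled, false)`. Both filters also inspect only element `[0]`, so values a caller supplies in later list elements are not reflected, and a consumer that picks an issuer from this map could reference one that is not actually deployed or miss one that is. The description still says "List" although the value is a map keyed by issuer id.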
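--- a/scaleway/outputs.tf
+++ b/scaleway/outputs.tf
@@ -3,7 +3,7 @@ output "id" {
 value = module.cert-manager.id
 }
 
-output "issuers" {
-description = "List of issuers created by cert-manager"
-value = module.cert-manager.issuers
+output "cluster_issuers" {
+description = "List of cluster issuers created by cert-manager."
+value = module.cert-manager.cluster_issuers
 }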
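--- a/self-signed/locals.tf
+++ b/self-signed/locals.tf
@@ -0,0 +1,13 @@
+locals {
+helm_values = [{
+cert-manager = {
+tlsCrt = base64encode(tls_self_signed_cert.root.cert_pem)
+tlsKey = base64encode(tls_private_key.root.private_key_pem)
+clusterIssuers = {
+letsencrypt = {
+enabled = false
+}
+}
+}
+}]
+}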
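Review bot: `tlsKey` carries the root CA private key into `helm_values` with nothing on the block saying so; `base64encode` is an encoding, not protection, so the key is recoverable from the Terraform state and from wherever these Helm values end up being rendered (not visible in this hunk). A comment above the local would help, e.g. `# Root CA private key: stored in state and passed as a Helm value; keep the state backend encrypted and access-restricted.` The hard-coded `letsencrypt.enabled = false` looks like it exists so that the root module's `cluster_issuers` output can read that path from `helm_values[0]`; if so, a comment should say it, since a caller enabling Let's Encrypt through `var.helm_values` would not change what index 0 reports.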
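--- a/self-signed/main.tf
+++ b/self-signed/main.tf
@@ -1,13 +1,14 @@
 resource "tls_private_key" "root" {
-algorithm = "ECDSA"
+algorithm = "ECDSA"
+ecdsa_curve = "P256"
 }
 
 resource "tls_self_signed_cert" "root" {
 private_key_pem = tls_private_key.root.private_key_pem
 
 subject {
-common_name = "devops-stack.camptocamp.com"
-organization = "Camptocamp, SA"
+common_name = "DevOps Stack"
+organization = "Camptocamp"
 }
 
 validity_period_hours = 8760
@@ -33,12 +34,7 @@ module "cert-manager" {
 deep_merge_append_list = var.deep_merge_append_list
 app_autosync = var.app_autosync
 
-helm_values = concat([{
-cert-manager = {
-tlsCrt = base64encode(tls_self_signed_cert.root.cert_pem)
-tlsKey = base64encode(tls_private_key.root.private_key_pem)
-}
-}], var.helm_values)
+helm_values = concat(local.helm_values, var.helm_values)
 
 dependency_ids = var.dependency_ids
 }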
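Review bot: Adding `ecdsa_curve` and changing the `subject` on the root resources will most likely force Terraform to replace both `tls_private_key.root` and `tls_self_signed_cert.root` on the next apply, so existing deployments get a new root CA and certificates chained to the old one stop validating for clients that imported it. That deserves an upgrade note and a comment such as `# Changing the curve or subject regenerates the root CA; re-distribute the CA certificate afterwards.` In the second hunk, `concat(local.helm_values, var.helm_values)` keeps the generated values first, so, assuming later list elements win in the module's merge, a caller can still override `tlsCrt`/`tlsKey`, in which case the `ca_issuer_certificate` output would no longer match the CA in use. The `module "cert-manager"` block starts outside the hunk.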
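--- a/self-signed/outputs.tf
+++ b/self-signed/outputs.tf
@@ -3,7 +3,13 @@ output "id" {
 value = module.cert-manager.id
 }
 
-output "issuers" {
-description = "List of issuers created by cert-manager"
-value = module.cert-manager.issuers
+output "cluster_issuers" {
+description = "List of cluster issuers created by cert-manager."
+value = module.cert-manager.cluster_issuers
+}
+
+output "ca_issuer_certificate" {
+description = "The CA certificate used by the `ca-issuer`. You can copy this value into a `*.pem` file and use it as a CA certificate in your browser to avoid having insecure warnings."
+value = trimspace(resource.tls_self_signed_cert.root.cert_pem)
+sensitive = true
 }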
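Review bot: `ca_issuer_certificate` is marked `sensitive = true`, yet its description tells users to copy the value, and a plain `terraform output` redacts sensitive outputs. A CA certificate is public material (the secret is `tls_private_key.root`), so either drop the flag if nothing upstream requires it, or extend the description with the retrieval command, e.g. `terraform output -raw ca_issuer_certificate > ca.pem`. The description could also state that importing this CA makes the browser trust every certificate signed by the key held in the Terraform state, so the import should be limited to machines that need it.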
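--- a/sks/outputs.tf
+++ b/sks/outputs.tf
@@ -3,7 +3,7 @@ output "id" {
 value = module.cert-manager.id
 }
 
-output "issuers" {
-description = "List of issuers created by cert-manager"
-value = module.cert-manager.issuers
+output "cluster_issuers" {
+description = "List of cluster issuers created by cert-manager."
+value = module.cert-manager.cluster_issuers
 }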
