-
Notifications
You must be signed in to change notification settings - Fork 431
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CI/CD using github actions and a custom dnsimple account #67
Conversation
When using a GitOps deployment model, these resources are always considered "out of sync", as the resulting Certificate object's 'duration' field also specifies minutes & seconds. These changes are essentially a no-op, but match the object, for GitOps compatability.
fix: explicit pki durations to match resulting objects
This means that users don't have to configure the account ID explicitly. This code is inspired by the DNSimple provider in External-DNS.
- Add variable dnsimple.existingTokenSecret to the Helm chart to support using an existing secret. This is useful e.g. in combination with https://github.com/bitnami-labs/sealed-secrets. - Add variable dnsimple.tokenSecretName to support configuring the name of the token secret.
Add variable image.pullSecret to Helm chart to support specifying an image pull secret. This is mostly useful for people running an in-house fork of cert-manager-webhook-dnsimple.
feat: fetch account ID from DNSimple API
feat: add support for using an existing token secret
feat: add support for imagePullSecret
fix: fix creating cluster issuers via Helm
- Switch from apiregistration.k8s.io/v1beta1 to apiregistration.k8s.io/v1 where available - Switch from rbac.authorization.k8s.io/v1beta1 to rbac.authorization.k8s.io/v1 where available - Switch from cert-manager.io/v1alpha2 to cert-manager.io/v1 where available
feat: support newer stable APIs in Helm chart
Upgrade dependencies and align with cert-manager/webhook-example
* Allow for the DNSimple account ID to be specified via the dnssimple.accountID value * Allow for the DNSimple account ID to be manually specified via the DNSIMPLE_ACCOUNT_ID environment variable Fix incorrect variable specification in main.go * Allow for the DNSimple account ID to be manually specified via the DNSIMPLE_ACCOUNT_ID environment variable Fix missing return of nil in main.go * Fix incorrect double-declaration of env section in deployment.yaml * Fix incorrect logic when handling DNSIMPLE_ACCOUNT_ID environment variable * The client.Zones.GetZone check isn't needed in the getExistingRecord function and it prevents User API tokens from being used for authentication - only Account API tokens would work * Incorporate changes from #29 so that the DNSimple accountID may be obtained from the Issuer config if a DNSimple User API token is being used * Remove unused variable DnsimpleAccountId * Fix deploy/dnsimple/templates/deployment.yaml - DNSIMPLE_ACCOUNT_ID environment variable doesn't do anything anymore so we can delete it * Pass the .Values.dnsimple.accountID value down to the staging and production ClusterIssuer configs * Update README.md with documentation on the dnsimple.accountID parameter * The ClusterIssuer configs must quote the accountID value so that it is interpreted as a string and not as a number * Fix indentation level of imagePullSecret in deployment.yaml
Thanks for your pull request. Before we can look at it, you'll need to add a 'DCO signoff' to your commits. 📝 Please follow instructions in the contributing guide to update your commits with the DCO Full details of the Developer Certificate of Origin can be found at developercertificate.org. The list of commits missing DCO signoff:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
PR needs rebase. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Hi @moll-re. Thanks for your PR. I'm waiting for a cert-manager member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
No description provided.