25 lines
801 B
YAML
25 lines
801 B
YAML
# The following manifests contain a self-signed issuer CR and a certificate CR.
|
|
# More document can be found at https://docs.cert-manager.io
|
|
apiVersion: certmanager.k8s.io/v1alpha1
|
|
kind: Issuer
|
|
metadata:
|
|
name: selfsigned-issuer
|
|
namespace: system
|
|
spec:
|
|
selfSigned: {}
|
|
---
|
|
apiVersion: certmanager.k8s.io/v1alpha1
|
|
kind: Certificate
|
|
metadata:
|
|
name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml
|
|
namespace: system
|
|
spec:
|
|
# $(SERVICENAME) and $(NAMESPACE) will be substituted by kustomize
|
|
commonName: $(SERVICENAME).$(NAMESPACE).svc
|
|
dnsNames:
|
|
- $(SERVICENAME).$(NAMESPACE).svc.cluster.local
|
|
issuerRef:
|
|
kind: Issuer
|
|
name: selfsigned-issuer
|
|
secretName: webhook-server-cert # this secret will not be prefixed, since it's not managed by kustomize
|