Commit 125e685c authored by Albert Salim's avatar Albert Salim

Use certmanager in review apps

parent 161bf209
...@@ -41,6 +41,7 @@ review-build-cng: ...@@ -41,6 +41,7 @@ review-build-cng:
image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-helm3-kubectl1.14 image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-helm3-kubectl1.14
variables: variables:
HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}" HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}"
REVIEW_APPS_DOMAIN: "temp.gitlab-review.app" # FIXME: using temporary domain
DOMAIN: "-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}" DOMAIN: "-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}"
GITLAB_HELM_CHART_REF: "master" GITLAB_HELM_CHART_REF: "master"
environment: environment:
......
...@@ -7,7 +7,7 @@ global: ...@@ -7,7 +7,7 @@ global:
external-dns.alpha.kubernetes.io/ttl: 10 external-dns.alpha.kubernetes.io/ttl: 10
configureCertmanager: false configureCertmanager: false
tls: tls:
secretName: tls-cert secretName: review-apps-tls
initialRootPassword: initialRootPassword:
secret: shared-gitlab-initial-root-password secret: shared-gitlab-initial-root-password
certmanager: certmanager:
......
...@@ -213,6 +213,29 @@ function install_external_dns() { ...@@ -213,6 +213,29 @@ function install_external_dns() {
fi fi
} }
function install_certmanager() {
local namespace="${KUBE_NAMESPACE}"
local release="cert-manager-review-app-helm3"
echoinfo "Installing cert-manager..." true
if ! deploy_exists "${namespace}" "${release}" || previous_deploy_failed "${namespace}" "${release}" ; then
kubectl apply \
-f https://raw.githubusercontent.com/jetstack/cert-manager/release-0.10/deploy/manifests/00-crds.yaml
echoinfo "Installing cert-manager Helm chart"
helm repo add jetstack https://charts.jetstack.io
helm repo update
helm install "${release}" jetstack/cert-manager \
--namespace "${namespace}" \
--version v0.15.1 \
--set installCRDS=true
else
echoinfo "The cert-manager Helm chart is already successfully deployed."
fi
}
function create_application_secret() { function create_application_secret() {
local namespace="${KUBE_NAMESPACE}" local namespace="${KUBE_NAMESPACE}"
local release="${CI_ENVIRONMENT_SLUG}" local release="${CI_ENVIRONMENT_SLUG}"
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment