I want to do a tls
termination on my nginx-ingress
controller using helm. How do I reference a secret or create a secret object of type kubernetes.io/tls
from another secret that was already created and has .crt
and .key
its values.
I have an application running on multiple microservices. I am creating helm chart to deploy all the microservices. One of them service is called config-init
which is a job
responsible for creating all the configurations. One of the files it creates include a configMap
and a secret
object. Both have the same name say gluu
.
The problem I am having is I can't seem to automate the part shown below.
tls-secret.sh
if [ ! -f ingress.crt ]; then
kubectl get secret gluu -o json \
| grep '\"ssl_cert' \
| awk -F '"' '{print $4}' \
| base64 --decode > ingress.crt
fi
if [ ! -f ingress.key ]; then
kubectl get secret gluu -o json \
| grep '\"ssl_key' \
| awk -F '"' '{print $4}' \
| base64 --decode > ingress.key
fi
kubectl create secret tls tls-certificate --key ingress.key --cert ingress.crt
The above file gets the ssl_cert
and ssl_key
from the already created secret object and then creates a new tls type obeject using the kubectl command. Then the created tls-certificate
will be used in the ingress
as shown below:
spec:
tls:
- hosts:
- {{ .Values.global.host }}
secretName: {{ .Values.global.tlsSecret }} --> #tls-certificate
The problem is that this needs to be automated using helm.
I expect to automate the tls-secret.sh
steps in helm since we can't do kubectl create ...
in helm.
Any leads, suggestions are highly welcome.