I want to do a tls termination on my nginx-ingress controller using helm. How do I reference a secret or create a secret object of type kubernetes.io/tls from another secret that was already created and has .crt and .key its values.
I have an application running on multiple microservices. I am creating helm chart to deploy all the microservices. One of them service is called config-init which is a job responsible for creating all the configurations. One of the files it creates include a configMap and a secret object. Both have the same name say gluu.
The problem I am having is I can't seem to automate the part shown below.
tls-secret.sh
if [ ! -f ingress.crt ]; then
kubectl get secret gluu -o json \
| grep '\"ssl_cert' \
| awk -F '"' '{print $4}' \
| base64 --decode > ingress.crt
fi
if [ ! -f ingress.key ]; then
kubectl get secret gluu -o json \
| grep '\"ssl_key' \
| awk -F '"' '{print $4}' \
| base64 --decode > ingress.key
fi
kubectl create secret tls tls-certificate --key ingress.key --cert ingress.crtThe above file gets the ssl_cert and ssl_key from the already created secret object and then creates a new tls type obeject using the kubectl command. Then the created tls-certificate will be used in the ingress as shown below:
spec:
tls:
- hosts:
- {{ .Values.global.host }}
secretName: {{ .Values.global.tlsSecret }} --> #tls-certificateThe problem is that this needs to be automated using helm.
I expect to automate the tls-secret.sh steps in helm since we can't do kubectl create ... in helm.
Any leads, suggestions are highly welcome.