update (#3)

Co-authored-by: georgedriver <[email protected]>

charts/alidns-webhook/.helmignore

@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

charts/alidns-webhook/Chart.yaml

@@ -0,0 +1,14 @@
+apiVersion: v1
+appVersion: "1.0"
+description: Cert-manager ACME DNS webhook provider for alidns
+name: alidns-webhook
+version: 0.1.0
+home: https://github.com/georgedriver/helm-charts
+keywords:
+  - alidns
+  - dns01
+  - certmanager
+sources:
+  - https://github.com/georgedriver/helm-charts
+maintainers:
+  - name: George

charts/alidns-webhook/README.md

@@ -0,0 +1,76 @@
+alidns-webhook
+==============
+Cert-manager ACME DNS webhook provider for alidns
+
+Current chart version is `0.1.0`
+
+Source code can be found [here](https://github.com/georgedriver/helm-charts)
+
+## Installation
+
+### Add Helm repository
+
+```shell
+helm repo add georgedriver https://georgedriver.github.io/helm-charts
+helm repo update
+```
+
+```shell
+helm install georgedriver/alidns-webhook \
+  --set alicloud_access_key=<alicloud_access_key> \
+  --set alicloud_secret_key=<alicloud_secret_key> \
+  --set email="[email protected]" \
+  --set domain="test.com"
+```
+
+## Configuration
+
+The following table lists the configurable parameters of the chart and the default values.
+
+## Chart Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| alicloud_access_key | string | `""` | ALICLOUD_ACCESS_KEY to handle the Alicloud DNS records |
+| alicloud_secret_key | string | `""` | ALICLOUD_SECRET_KEY to handle the Alicloud DNS records |
+| domain | string | `"test.com"` | The domain we're using for alidns-webhook |
+| email | string | `"[email protected]"` | A validated email address for cert-manager |
+
+## Changes
+
+- Change `acme.yourcompany.com` to `cert-manager.io`, cause the `Certificate` generated by `Ingress` will always use the group `cert-manager.io` as its `issuerRef`
+
+- Hook all the steps in [alidns-webhook](https://github.com/pragkent/alidns-webhook) this helm chart, include the test `Certificate`
+
+## Usage
+
+Example ingress
+
+```yaml
+cat << EOF | kubectl apply -f -
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: basic-ingress
+  annotations:
+    kubernetes.io/ingress.class: "nginx"
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+spec:
+  tls:
+  - hosts:
+    - vault11.mirana.test.com
+    secretName: quickstart-example-tls
+  rules:
+  - host: vault11.mirana.test.com
+    http:
+      paths:
+      - backend:
+          serviceName: nginx
+          servicePort: 80
+EOF
+```
+
+## Ref
+
+- [cert-manager](https://cert-manager.io/docs/configuration/acme/dns01/#webhook)
+- [alidns-webhook](https://github.com/pragkent/alidns-webhook)

charts/alidns-webhook/README.md.gotmpl

@@ -0,0 +1,68 @@
+{{ template "chart.header" . }}
+{{ template "chart.description" . }}
+
+{{ template "chart.versionLine" . }}
+
+{{ template "chart.sourceLinkLine" . }}
+
+## Installation
+
+### Add Helm repository
+
+```shell
+helm repo add georgedriver https://georgedriver.github.io/helm-charts
+helm repo update
+```
+
+```shell
+helm install georgedriver/alidns-webhook \
+  --set alicloud_access_key=<alicloud_access_key> \
+  --set alicloud_secret_key=<alicloud_secret_key> \
+  --set email="[email protected]" \
+  --set domain="test.com"
+```
+
+## Configuration
+
+The following table lists the configurable parameters of the chart and the default values.
+
+{{ template "chart.valuesSection" . }}
+
+## Changes
+
+- Change `acme.yourcompany.com` to `cert-manager.io`, cause the `Certificate` generated by `Ingress` will always use the group `cert-manager.io` as its `issuerRef`
+
+- Hook all the steps in [alidns-webhook](https://github.com/pragkent/alidns-webhook) this helm chart, include the test `Certificate`
+
+## Usage
+
+Example ingress
+
+```yaml
+cat << EOF | kubectl apply -f -
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: basic-ingress
+  annotations:
+    kubernetes.io/ingress.class: "nginx"
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+spec:
+  tls:
+  - hosts:
+    - vault11.mirana.test.com
+    secretName: quickstart-example-tls
+  rules:
+  - host: vault11.mirana.test.com
+    http:
+      paths:
+      - backend:
+          serviceName: nginx
+          servicePort: 80
+EOF
+```
+
+## Ref
+
+- [cert-manager](https://cert-manager.io/docs/configuration/acme/dns01/#webhook)
+- [alidns-webhook](https://github.com/pragkent/alidns-webhook)

charts/alidns-webhook/templates/NOTES.txt

@@ -0,0 +1,9 @@
+=========================================================
+# Debug commands
+kubectl get/describe ClusterIssuers
+kubectl get/describe Certificates
+kubectl get/describe CertificateRequest
+
+# Verify
+kubectl describe Certificates test-cert-tls-secret
+=========================================================

charts/alidns-webhook/templates/_helpers.tpl

@@ -0,0 +1,32 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "alidns-webhook.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "alidns-webhook.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "alidns-webhook.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}