🎉 initial commit

2022-04-06 15:33:57 +02:00
commit 968716ec76
29 changed files with 846 additions and 0 deletions
--- a/init-issuer.sh
+++ b/init-issuer.sh
@@ -0,0 +1,26 @@
+kubectl create serviceaccount issuer
+
+kubectl get secrets
+
+ISSUER_SECRET_REF=$(kubectl get serviceaccount issuer -o json | jq -r ".secrets[].name")
+
+cat > vault-issuer.yaml <<EOF
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: vault-issuer
+  namespace: default
+spec:
+  vault:
+    server: http://vault.default
+    path: pki/sign/dev-dot-localhost
+    auth:
+      kubernetes:
+        mountPath: /v1/auth/kubernetes
+        role: issuer
+        secretRef:
+          name: $ISSUER_SECRET_REF
+          key: token
+EOF
+
+kubectl apply --filename vault-issuer.yaml