Skip to content
This repository has been archived by the owner on Aug 25, 2023. It is now read-only.

basisai/terraform-helm-cert-manager

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
.github/workflows
.github/workflows
 
 
templates
templates
 
 
tests
tests
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
main.tf
main.tf
 
 
variables.tf
variables.tf
 
 
versions.tf
versions.tf
 
 

Repository files navigation

Cert-Manager

Deploys cert-manager.

Requirements

Name Version
terraform >= 0.13
helm ~> 2.1

Providers

Name Version
helm ~> 2.1

Modules

No modules.

Resources

Name Type
helm_release.release resource

Inputs

Name Description Type Default Required
affinity Pod affinity map {} no
ca_injector_affinity Affinity for ca_injector map {} no
ca_injector_container_security_context CA Injector Container Security Context map {} no
ca_injector_deployment_annotations Extra annotations for ca_injector deployment map {} no
ca_injector_enabled Enable CA Injector. bool true no
ca_injector_extra_args Extra args for ca_injector list [] no
ca_injector_image_repository Image repository for ca_injector string "quay.io/jetstack/cert-manager-cainjector" no
ca_injector_image_tag Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion will be used. any null no
ca_injector_node_selector Node selector for ca_injector map {} no
ca_injector_pod_annotations Extra annotations for ca_injector pods map {} no
ca_injector_pod_labels Extra labels for ca_injector pods map {} no
ca_injector_replica_count Number of replica for injector number 1 no
ca_injector_resources ca_injector pod resources map 
{
  "limits": {
    "cpu": "100m",
    "memory": "300Mi"
  },
  "requests": {
    "cpu": "100m",
    "memory": "300Mi"
  }
}
 no
ca_injector_security_context CA Injector Pod Security Context map {} no
ca_injector_service_account_annotations Annotations for ca_injector service account map {} no
ca_injector_service_account_create Create ca_injector service account bool true no
ca_injector_service_account_name Name for ca_injector service account. If not set and create is true, a name is generated using the fullname template string "" no
ca_injector_strategy CA Injector deployment update strategy map 
{
  "rollingUpdate": {
    "maxSurge": 1,
    "maxUnavailable": "50%"
  },
  "type": "RollingUpdate"
}
 no
ca_injector_tolerations Tolerations for ca_injector list [] no
chart_name Helm chart name to provision string "cert-manager" no
chart_namespace Namespace to install the chart into string "default" no
chart_repository Helm repository for the chart string "https://charts.jetstack.io" no
chart_timeout Timeout to wait for the Chart to be deployed. number 300 no
chart_version Version of Chart to install. Set to empty to install the latest version string "1.5.0" no
cluster_resource_namespace Override the namespace used to store DNS provider credentials etc. for ClusterIssuer resources. By default, the same namespace as cert-manager is deployed within is used. This namespace will not be automatically created by the Helm chart. string "" no
container_security_context Configure container security context map {} no
deployment_annotations Extra annotations for the deployment map {} no
extra_args Extra arguments list [] no
extra_env Extra environment variables list [] no
feature_gates Feature gates to enable on the pod list [] no
image_pull_secrets Secrets for image pulling list [] no
image_repository Image repository string "quay.io/jetstack/cert-manager-controller" no
image_tag Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion will be used. any null no
ingress_shim Configure Ingess Shim. See https://cert-manager.io/docs/usage/ingress/ map {} no
install_crds Install CRDs with chart bool true no
leader_election_lease_duration Duration that non-leader candidates will wait after observing a leadership renewal string "60s" no
leader_election_namespace Namespace used for Leader Election ConfigMap string "kube-system" no
leader_election_renew_deadline Interval between attempts by the acting master to renew a leadership slot before it stops leading string "40s" no
leader_election_retry_period Duration the clients should wait between attempting acquisition and renewal of a leadership. string "15s" no
log_level Set the verbosity of cert-manager. Range of 0 - 6 with 6 being the most verbose. number 2 no
max_history Max History for Helm number 20 no
mutating_webhook_configuration_annotations Optional additional annotations to add to the webhook MutatingWebhookConfiguration map {} no
node_selector Node selector for cert-manager-controller pods map {} no
pod_annotations Extra annotations for pods map {} no
pod_labels Extra labels for pods map {} no
priority_class_name Priority class for all cert-manager pods string "" no
prometheus_enabled Enable Prometheus metrics bool true no
psp_apparmor Use AppArmor with PSP. bool true no
psp_enable Create PodSecurityPolicy bool false no
rbac_create Create RBAC resources bool true no
release_name Helm release name string "cert-manager" no
replica_count Number of controller replicas number 1 no
resources Resources for pods map 
{
  "limits": {
    "cpu": "100m",
    "memory": "300Mi"
  },
  "requests": {
    "cpu": "100m",
    "memory": "300Mi"
  }
}
 no
security_context Configure pod security context map {} no
service_account_annotations Service acocunt annotations map {} no
service_account_automount_token Automount API credentials for a Service Account bool true no
service_account_create Create service account bool true no
service_account_name Override the default service account name string "" no
startupapicheck_affinity Affinity for startupapicheck map {} no
startupapicheck_backoff_limit startupapicheck backoff limit number 4 no
startupapicheck_enabled Enable startupapicheck bool true no
startupapicheck_extra_args Extra args for startupapicheck list [] no
startupapicheck_image_repository Image repository for startupapicheck string "quay.io/jetstack/cert-manager-ctl" no
startupapicheck_image_tag Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion will be used. any null no
startupapicheck_node_selector Node selector for startupapicheck map {} no
startupapicheck_pod_labels Extra labels for startupapicheck pods map {} no
startupapicheck_resources startupapicheck pod resources map 
{
  "limits": {
    "cpu": "10m",
    "memory": "32Mi"
  },
  "requests": {
    "cpu": "10m",
    "memory": "32Mi"
  }
}
 no
startupapicheck_security_context startupapicheck security context map 
{
  "runAsNonRoot": true
}
 no
startupapicheck_timeout startupapicheck timeout string "1m" no
startupapicheck_tolerations Tolerations for startupapicheck list [] no
strategy Update strategy of deployment map 
{
  "rollingUpdate": {
    "maxSurge": 1,
    "maxUnavailable": "50%"
  },
  "type": "RollingUpdate"
}
 no
tolerations Pod tolerations list [] no
validating_webhook_configuration_annotations Optional additional annotations to add to the webhook ValidatingWebhookConfiguration map {} no
volume_mounts Extra volume mounts for the container list [] no
volumes Extra volumes for the pod list [] no
webhook_affinity Affinity for webhook map {} no
webhook_deployment_annotations Extra annotations for webhook deployment map {} no
webhook_extra_args Extra args for webhook list [] no
webhook_host_network Whether webhook should use host network bool false no
webhook_image_repository Image repository for webhook string "quay.io/jetstack/cert-manager-webhook" no
webhook_image_tag Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion will be used. any null no
webhook_liveness_probe Liveness probe for webhook map 
{
  "failureThreshold": 3,
  "initialDelaySeconds": 60,
  "periodSeconds": 10,
  "successThreshold": 1,
  "timeoutSeconds": 5
}
 no
webhook_node_selector Node selector for webhook map {} no
webhook_pod_annotations Extra annotations for webhook pods map {} no
webhook_pod_labels Extra labels for webhook pods map {} no
webhook_port Port used by webhook to listen for request from Kubernetes Master number 10250 no
webhook_readiness_probe Readiness probe for webhook map 
{
  "failureThreshold": 3,
  "initialDelaySeconds": 5,
  "periodSeconds": 5,
  "successThreshold": 1,
  "timeoutSeconds": 5
}
 no
webhook_replica_count Number of replicas for webhook number 1 no
webhook_resources Webhook pod resources map 
{
  "limits": {
    "cpu": "100m",
    "memory": "300Mi"
  },
  "requests": {
    "cpu": "100m",
    "memory": "300Mi"
  }
}
 no
webhook_security_context Security context for webhook pod map {} no
webhook_service_account_annotations Annotations for webhook service account map {} no
webhook_service_account_create Create Webhook service account bool true no
webhook_service_account_name Name for webhook service account. If not set and create is true, a name is generated using the fullname template string "" no
webhook_timeout_seconds Timeout in seconds for webook number 10 no
webhook_tolerations Tolerations for webhook list [] no
webook_container_security_context Security context for webhook containers map {} no
webook_strategy Update strategy for admission webhook map 
{
  "rollingUpdate": {
    "maxSurge": 1,
    "maxUnavailable": "50%"
  },
  "type": "RollingUpdate"
}
 no

Outputs

No outputs.

About

Terraform Cert-manager on Kubernetes using Helm

registry.terraform.io/modules/basisai/cert-manager/helm/latest

Topics

hacktoberfest

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

3 stars

Watchers

4 watching

Forks

8 forks
Report repository

Releases 4

Update chart version to 1.5.0 Latest
Aug 16, 2021
+ 3 releases

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages