Skip to content

Commit

Permalink
Solves kubernetes-sigs#2933: Allow http_proxy, https_proxy and no_pro…
Browse files Browse the repository at this point in the history
…xy environment variables in cert-manager playbook (kubernetes-sigs#10162)
  • Loading branch information
karabanov authored and pedromcpedro committed May 8, 2024
1 parent e8c6713 commit 6f12763
Show file tree
Hide file tree
Showing 2 changed files with 41 additions and 0 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,11 @@ cert_manager_dns_policy: "ClusterFirst"
cert_manager_dns_config: {}
cert_manager_controller_extra_args: []

## Allow http_proxy, https_proxy and no_proxy environment variables
## Details https://github.com/kubernetes-sigs/kubespray/blob/master/docs/proxy.md
cert_manager_http_proxy: "{{ http_proxy|default('') }}"
cert_manager_https_proxy: "{{ https_proxy|default('') }}"
cert_manager_no_proxy: "{{ no_proxy|default('') }}"

## Change leader election namespace when deploying on GKE Autopilot that forbid the changes on kube-system namespace.
## See https://github.com/jetstack/cert-manager/issues/3717
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -870,6 +870,18 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
{% if cert_manager_http_proxy is defined and cert_manager_http_proxy != "" %}
- name: HTTP_PROXY
value: "{{ cert_manager_http_proxy }}"
{% endif %}
{% if cert_manager_https_proxy is defined and cert_manager_https_proxy != "" %}
- name: HTTPS_PROXY
value: "{{ cert_manager_https_proxy }}"
{% endif %}
{% if cert_manager_no_proxy is defined and cert_manager_no_proxy != "" %}
- name: NO_PROXY
value: "{{ cert_manager_no_proxy }}"
{% endif %}
securityContext:
allowPrivilegeEscalation: false
capabilities:
Expand Down Expand Up @@ -967,6 +979,18 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
{% if cert_manager_http_proxy is defined and cert_manager_http_proxy != "" %}
- name: HTTP_PROXY
value: "{{ cert_manager_http_proxy }}"
{% endif %}
{% if cert_manager_https_proxy is defined and cert_manager_https_proxy != "" %}
- name: HTTPS_PROXY
value: "{{ cert_manager_https_proxy }}"
{% endif %}
{% if cert_manager_no_proxy is defined and cert_manager_no_proxy != "" %}
- name: NO_PROXY
value: "{{ cert_manager_no_proxy }}"
{% endif %}
{% if cert_manager_trusted_internal_ca is defined %}
volumeMounts:
- mountPath: /etc/ssl/certs/internal-ca.pem
Expand Down Expand Up @@ -1083,6 +1107,18 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
{% if cert_manager_http_proxy is defined and cert_manager_http_proxy != "" %}
- name: HTTP_PROXY
value: "{{ cert_manager_http_proxy }}"
{% endif %}
{% if cert_manager_https_proxy is defined and cert_manager_https_proxy != "" %}
- name: HTTPS_PROXY
value: "{{ cert_manager_https_proxy }}"
{% endif %}
{% if cert_manager_no_proxy is defined and cert_manager_no_proxy != "" %}
- name: NO_PROXY
value: "{{ cert_manager_no_proxy }}"
{% endif %}
{% if cert_manager_tolerations %}
tolerations:
{{ cert_manager_tolerations | to_nice_yaml(indent=2) | indent(width=8) }}
Expand Down

0 comments on commit 6f12763

Please sign in to comment.