From 0caa902d0569ca079dfcb10aa5b20e16396216e2 Mon Sep 17 00:00:00 2001 From: Adam Rush Date: Sun, 18 Oct 2020 18:31:15 +0100 Subject: [PATCH 1/3] Added option to omit letsencrypt / cert-manager annotations --- charts/sonatype-nexus/templates/ingress.yaml | 2 +- charts/sonatype-nexus/values.yaml | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/charts/sonatype-nexus/templates/ingress.yaml b/charts/sonatype-nexus/templates/ingress.yaml index 5c6521e..69f64c0 100644 --- a/charts/sonatype-nexus/templates/ingress.yaml +++ b/charts/sonatype-nexus/templates/ingress.yaml @@ -15,7 +15,7 @@ metadata: kubernetes.io/ingress.class: nginx {{- if eq .Values.ingress.letsencryptEnvironment "prod" }} cert-manager.io/cluster-issuer: letsencrypt-prod - {{- else }} + {{- else if eq .Values.ingress.letsencryptEnvironment "staging" }} cert-manager.io/cluster-issuer: letsencrypt-staging {{- end }} # fixes "413 Request Entity Too Large" error when pushing docker images diff --git a/charts/sonatype-nexus/values.yaml b/charts/sonatype-nexus/values.yaml index 9b42e5f..f71ad9f 100644 --- a/charts/sonatype-nexus/values.yaml +++ b/charts/sonatype-nexus/values.yaml @@ -34,8 +34,9 @@ ingress: enabled: false # use "staging" environment during testing to avoid rate limiting # https://letsencrypt.org/docs/staging-environment/#rate-limits - # "staging" or "prod" - letsencryptEnvironment: "staging" + # "staging" or "prod". + # Leave blank to disable cert-manager + letsencryptEnvironment: "" annotations: nginx.org/hsts: "false" tls: From 4c148c640af9bcd0881d34ff5b31023824f1482c Mon Sep 17 00:00:00 2001 From: Adam Rush Date: Sun, 18 Oct 2020 18:34:16 +0100 Subject: [PATCH 2/3] Bumped chart to v0.2.7 --- charts/sonatype-nexus/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/sonatype-nexus/Chart.yaml b/charts/sonatype-nexus/Chart.yaml index 1369222..c0bd2e9 100644 --- a/charts/sonatype-nexus/Chart.yaml +++ b/charts/sonatype-nexus/Chart.yaml @@ -3,7 +3,7 @@ name: sonatype-nexus description: Sonatype Nexus is an open source repository manager type: application # This is the chart version -version: 0.2.6 +version: 0.2.7 # This is the version number of the application being deployed appVersion: 3.27.0 keywords: From 821e577906a9b9a66dc4f37660ecdb4cfb42cddc Mon Sep 17 00:00:00 2001 From: Adam Rush Date: Sun, 18 Oct 2020 18:42:09 +0100 Subject: [PATCH 3/3] Added ingress.certmanagerEnabled var --- charts/sonatype-nexus/templates/cluster-issuer-prod.yml | 2 +- charts/sonatype-nexus/templates/cluster-issuer-staging.yml | 2 +- charts/sonatype-nexus/values.yaml | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/sonatype-nexus/templates/cluster-issuer-prod.yml b/charts/sonatype-nexus/templates/cluster-issuer-prod.yml index fd4df8d..024465a 100644 --- a/charts/sonatype-nexus/templates/cluster-issuer-prod.yml +++ b/charts/sonatype-nexus/templates/cluster-issuer-prod.yml @@ -1,4 +1,4 @@ -{{- if .Values.ingress.enabled -}} +{{- if .Values.ingress.certmanagerEnabled -}} apiVersion: cert-manager.io/v1alpha2 kind: ClusterIssuer metadata: diff --git a/charts/sonatype-nexus/templates/cluster-issuer-staging.yml b/charts/sonatype-nexus/templates/cluster-issuer-staging.yml index a355cdb..ddcaa71 100644 --- a/charts/sonatype-nexus/templates/cluster-issuer-staging.yml +++ b/charts/sonatype-nexus/templates/cluster-issuer-staging.yml @@ -1,4 +1,4 @@ -{{- if .Values.ingress.enabled -}} +{{- if .Values.ingress.certmanagerEnabled -}} apiVersion: cert-manager.io/v1alpha2 kind: ClusterIssuer metadata: diff --git a/charts/sonatype-nexus/values.yaml b/charts/sonatype-nexus/values.yaml index f71ad9f..4289b62 100644 --- a/charts/sonatype-nexus/values.yaml +++ b/charts/sonatype-nexus/values.yaml @@ -32,10 +32,10 @@ image: ingress: enabled: false + certmanagerEnabled: false # use "staging" environment during testing to avoid rate limiting # https://letsencrypt.org/docs/staging-environment/#rate-limits - # "staging" or "prod". - # Leave blank to disable cert-manager + # "staging" or "prod" letsencryptEnvironment: "" annotations: nginx.org/hsts: "false"