From cff838781949a7bd9be923f3a2cb60311f18d86d Mon Sep 17 00:00:00 2001 From: Andre Fernandes Date: Mon, 18 Oct 2021 14:31:20 -0300 Subject: [PATCH 1/5] debugging formula --- vkpr/create/formula/src/unix/formula/formula.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/vkpr/create/formula/src/unix/formula/formula.sh b/vkpr/create/formula/src/unix/formula/formula.sh index d4d5e6e6..0973dc04 100755 --- a/vkpr/create/formula/src/unix/formula/formula.sh +++ b/vkpr/create/formula/src/unix/formula/formula.sh @@ -9,6 +9,9 @@ runFormula() { if [ -z "$VKPR_WORKSPACE_PATH" ]; then REAL_WORKSPACE_PATH="$CURRENT_PWD" fi + #echo "DEBUG VKPR_FORMULA_PATH='$VKPR_FORMULA_PATH'" + #echo "DEBUG VKPR_FORMULA='$VKPR_FORMULA'" + if [ -z "$VKPR_FORMULA_PATH" ]; then REAL_FORMULA_PATH="$REAL_WORKSPACE_PATH/${VKPR_FORMULA// //}" fi @@ -16,6 +19,7 @@ runFormula() { local REAL_WORKSPACE_NAME=$(getWorkspaceName "$REAL_WORKSPACE_PATH") startInfos + cat << EOF | { "formulaCmd":"$REAL_FORMULA", @@ -34,7 +38,7 @@ startInfos() { echoColor "bold" "$(echoColor "blue" "Formula Name:") ${VKPR_FORMULA}" echoColor "bold" "$(echoColor "blue" "Formula Language:") ${VKPR_FORMULA_LANGUAGE}" echoColor "bold" "$(echoColor "blue" "Formula Workspace:") ${REAL_WORKSPACE_NAME}" - echoColor "bold" "$(echoColor "blue" "Formula Path:") ${REAL_WORKSPACE_PATH}" + echoColor "bold" "$(echoColor "blue" "Formula Path:") ${REAL_FORMULA_PATH}" echo "==============================" } From aa512efb6dbf3d3c6bb427509af044024abd7a78 Mon Sep 17 00:00:00 2001 From: Andre Fernandes Date: Mon, 18 Oct 2021 14:33:44 -0300 Subject: [PATCH 2/5] new postgres createdb formula --- vkpr/postgres/createdb/README.md | 1 + vkpr/postgres/createdb/build.sh | 11 +++++++++++ vkpr/postgres/createdb/config.json | 5 +++++ vkpr/postgres/createdb/help.json | 4 ++++ vkpr/postgres/createdb/metadata.json | 17 +++++++++++++++++ vkpr/postgres/createdb/src/main.sh | 11 +++++++++++ .../createdb/src/unix/formula/formula.sh | 5 +++++ 7 files changed, 54 insertions(+) create mode 100755 vkpr/postgres/createdb/README.md create mode 100755 vkpr/postgres/createdb/build.sh create mode 100755 vkpr/postgres/createdb/config.json create mode 100644 vkpr/postgres/createdb/help.json create mode 100755 vkpr/postgres/createdb/metadata.json create mode 100755 vkpr/postgres/createdb/src/main.sh create mode 100755 vkpr/postgres/createdb/src/unix/formula/formula.sh diff --git a/vkpr/postgres/createdb/README.md b/vkpr/postgres/createdb/README.md new file mode 100755 index 00000000..8b137891 --- /dev/null +++ b/vkpr/postgres/createdb/README.md @@ -0,0 +1 @@ + diff --git a/vkpr/postgres/createdb/build.sh b/vkpr/postgres/createdb/build.sh new file mode 100755 index 00000000..3f067481 --- /dev/null +++ b/vkpr/postgres/createdb/build.sh @@ -0,0 +1,11 @@ +#!/bin/sh + +BIN_FOLDER=bin +BINARY_NAME_UNIX=run.sh +ENTRY_POINT_UNIX=main.sh + +#bash-build: + mkdir -p $BIN_FOLDER + cp -r src/* $BIN_FOLDER + mv $BIN_FOLDER/$ENTRY_POINT_UNIX $BIN_FOLDER/$BINARY_NAME_UNIX + chmod +x $BIN_FOLDER/$BINARY_NAME_UNIX diff --git a/vkpr/postgres/createdb/config.json b/vkpr/postgres/createdb/config.json new file mode 100755 index 00000000..5f3a3a15 --- /dev/null +++ b/vkpr/postgres/createdb/config.json @@ -0,0 +1,5 @@ +{ + "inputs": [], + "template": "shell-bat", + "templateRelease:": "2.16.2" +} diff --git a/vkpr/postgres/createdb/help.json b/vkpr/postgres/createdb/help.json new file mode 100644 index 00000000..8cfcf2e7 --- /dev/null +++ b/vkpr/postgres/createdb/help.json @@ -0,0 +1,4 @@ +{ + "short": "", + "long": "" +} diff --git a/vkpr/postgres/createdb/metadata.json b/vkpr/postgres/createdb/metadata.json new file mode 100755 index 00000000..13c21559 --- /dev/null +++ b/vkpr/postgres/createdb/metadata.json @@ -0,0 +1,17 @@ +{ + "execution": [ + "local" + ], + "os": { + "deps": [], + "support": [ + "mac", + "linux" + ] + }, + "tags": [ + "vkpr", + "postgres", + "createdb" + ] +} diff --git a/vkpr/postgres/createdb/src/main.sh b/vkpr/postgres/createdb/src/main.sh new file mode 100755 index 00000000..77b194fb --- /dev/null +++ b/vkpr/postgres/createdb/src/main.sh @@ -0,0 +1,11 @@ +#!/bin/bash + +VKPR_SCRIPTS=~/.vkpr/src + +source $VKPR_SCRIPTS/log.sh +source $VKPR_SCRIPTS/var.sh +source $VKPR_SCRIPTS/helper.sh + +. "$(dirname "$0")"/unix/formula/formula.sh --source-only + +runFormula diff --git a/vkpr/postgres/createdb/src/unix/formula/formula.sh b/vkpr/postgres/createdb/src/unix/formula/formula.sh new file mode 100755 index 00000000..54930369 --- /dev/null +++ b/vkpr/postgres/createdb/src/unix/formula/formula.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +runFormula() { + echo "Hello World" +} From 1f6de94467986555ed41c77713f902b3bac43382 Mon Sep 17 00:00:00 2001 From: Andre Fernandes Date: Wed, 20 Oct 2021 10:39:42 -0300 Subject: [PATCH 3/5] formula create database --- vkpr/postgres/createdb/config.json | 18 +++++++++++++++++- vkpr/postgres/createdb/help.json | 4 ++-- 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/vkpr/postgres/createdb/config.json b/vkpr/postgres/createdb/config.json index 5f3a3a15..d00e58e9 100755 --- a/vkpr/postgres/createdb/config.json +++ b/vkpr/postgres/createdb/config.json @@ -1,5 +1,21 @@ { - "inputs": [], + "inputs": [ + { + "label": "Type the new database name: ", + "name": "dbname", + "type": "text" + }, + { + "label": "Type the db user name: ", + "name": "dbuser", + "type": "text" + }, + { + "label": "Type the db users' password: ", + "name": "dbpassword", + "type": "text" + } + ], "template": "shell-bat", "templateRelease:": "2.16.2" } diff --git a/vkpr/postgres/createdb/help.json b/vkpr/postgres/createdb/help.json index 8cfcf2e7..05c84021 100644 --- a/vkpr/postgres/createdb/help.json +++ b/vkpr/postgres/createdb/help.json @@ -1,4 +1,4 @@ { - "short": "", - "long": "" + "short": "Create new database", + "long": "Create new database with new owner (user/passwd)" } From ee5fdc45335fda0fb02e66c218d7efae0d4beb4d Mon Sep 17 00:00:00 2001 From: Jfurtado1 Date: Thu, 21 Oct 2021 09:51:49 -0300 Subject: [PATCH 4/5] Created formula to create db and updated inputs --- vkpr/postgres/createdb/config.json | 6 +++++- vkpr/postgres/createdb/src/unix/formula/formula.sh | 8 +++++++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/vkpr/postgres/createdb/config.json b/vkpr/postgres/createdb/config.json index d00e58e9..925d4f81 100755 --- a/vkpr/postgres/createdb/config.json +++ b/vkpr/postgres/createdb/config.json @@ -14,8 +14,12 @@ "label": "Type the db users' password: ", "name": "dbpassword", "type": "text" + }, + { + "name": "password", + "type": "CREDENTIAL_POSTGRES_PASSWORD" } ], "template": "shell-bat", "templateRelease:": "2.16.2" -} +} \ No newline at end of file diff --git a/vkpr/postgres/createdb/src/unix/formula/formula.sh b/vkpr/postgres/createdb/src/unix/formula/formula.sh index 54930369..049ae753 100755 --- a/vkpr/postgres/createdb/src/unix/formula/formula.sh +++ b/vkpr/postgres/createdb/src/unix/formula/formula.sh @@ -1,5 +1,11 @@ #!/bin/bash runFormula() { - echo "Hello World" + local PG_PASSWORD=$($VKPR_JQ -r '.credential.password' ~/.rit/credentials/default/postgres) + if [[ $(checkPodName "postgres-postgresql") = "true" ]]; then + $VKPR_KUBECTL run init-db --rm -it --restart="Never" --namespace $VKPR_K8S_NAMESPACE --image docker.io/bitnami/postgresql:11.13.0-debian-10-r0 --env="PGUSER=postgres" --env="PGPASSWORD=$PG_PASSWORD" --env="PGHOST=postgres-postgresql" --env="PGPORT=5432" --env="PGDATABASE=postgres" \ + --command -- psql -c '\x' -c "CREATE USER $DBUSER WITH ENCRYPTED PASSWORD '$DBPASSWORD';" -c "CREATE DATABASE $DBNAME;" -c "GRANT ALL PRIVILEGES ON DATABASE $DBNAME TO $DBUSER" + else + echoColor "red" "Error, Postgresql doesn't up or installed yet" + fi } From 606c899382b5f18e58920b3d5df45fa842a58988 Mon Sep 17 00:00:00 2001 From: Jpeedroza Date: Fri, 22 Oct 2021 16:05:34 -0300 Subject: [PATCH 5/5] Created formula to cert-manager in AWS Route53 --- vkpr/cert-manager/install/aws/README.md | 1 + vkpr/cert-manager/install/aws/build.sh | 11 +++ vkpr/cert-manager/install/aws/config.json | 59 ++++++++++++++++ vkpr/cert-manager/install/aws/help.json | 4 ++ vkpr/cert-manager/install/aws/metadata.json | 18 +++++ vkpr/cert-manager/install/aws/src/main.sh | 11 +++ .../install/aws/src/unix/formula/formula.sh | 67 +++++++++++++++++++ .../install/aws/src/utils/IAM-policy.json | 23 +++++++ .../install/aws/src/utils/cert-manager.yaml | 7 ++ .../install/aws/src/utils/issuers.yaml | 43 ++++++++++++ .../install/aws/src/utils/route53-secret.yaml | 8 +++ .../custom-acme/src/unix/formula/formula.sh | 2 +- .../install/do/src/unix/formula/formula.sh | 2 +- .../do/src/utils/cert-manager-custom-ca.yaml | 15 ----- 14 files changed, 254 insertions(+), 17 deletions(-) create mode 100755 vkpr/cert-manager/install/aws/README.md create mode 100755 vkpr/cert-manager/install/aws/build.sh create mode 100755 vkpr/cert-manager/install/aws/config.json create mode 100644 vkpr/cert-manager/install/aws/help.json create mode 100755 vkpr/cert-manager/install/aws/metadata.json create mode 100755 vkpr/cert-manager/install/aws/src/main.sh create mode 100755 vkpr/cert-manager/install/aws/src/unix/formula/formula.sh create mode 100644 vkpr/cert-manager/install/aws/src/utils/IAM-policy.json create mode 100644 vkpr/cert-manager/install/aws/src/utils/cert-manager.yaml create mode 100644 vkpr/cert-manager/install/aws/src/utils/issuers.yaml create mode 100644 vkpr/cert-manager/install/aws/src/utils/route53-secret.yaml delete mode 100644 vkpr/cert-manager/install/do/src/utils/cert-manager-custom-ca.yaml diff --git a/vkpr/cert-manager/install/aws/README.md b/vkpr/cert-manager/install/aws/README.md new file mode 100755 index 00000000..8b137891 --- /dev/null +++ b/vkpr/cert-manager/install/aws/README.md @@ -0,0 +1 @@ + diff --git a/vkpr/cert-manager/install/aws/build.sh b/vkpr/cert-manager/install/aws/build.sh new file mode 100755 index 00000000..3f067481 --- /dev/null +++ b/vkpr/cert-manager/install/aws/build.sh @@ -0,0 +1,11 @@ +#!/bin/sh + +BIN_FOLDER=bin +BINARY_NAME_UNIX=run.sh +ENTRY_POINT_UNIX=main.sh + +#bash-build: + mkdir -p $BIN_FOLDER + cp -r src/* $BIN_FOLDER + mv $BIN_FOLDER/$ENTRY_POINT_UNIX $BIN_FOLDER/$BINARY_NAME_UNIX + chmod +x $BIN_FOLDER/$BINARY_NAME_UNIX diff --git a/vkpr/cert-manager/install/aws/config.json b/vkpr/cert-manager/install/aws/config.json new file mode 100755 index 00000000..81173851 --- /dev/null +++ b/vkpr/cert-manager/install/aws/config.json @@ -0,0 +1,59 @@ +{ + "inputs": [ + { + "label": "Type your email to use to generate certificates:", + "default": "default@vkpr.com", + "name": "email", + "required": true, + "tutorial": "@", + "type": "text", + "cache": { + "active": true, + "qty": 2, + "newLabel": "Type other email: " + } + }, + { + "default": "letsencrypt-staging", + "items": [ + "letsencrypt-staging", + "letsencrypt-production" + ], + "label": "What is the default cluster issuer? ", + "name": "issuer", + "required": true, + "type": "text" + }, + { + "name": "aws_access_key", + "type": "CREDENTIAL_AWS_ACCESSKEYID" + }, + { + "name": "aws_secret_key", + "type": "CREDENTIAL_AWS_SECRETACCESSKEY" + }, + { + "name": "aws_region", + "label": "Type your aws region: ", + "type": "text", + "default": "us-east-1", + "cache": { + "active": true, + "qty": 2, + "newLabel": "Type another region: " + } + }, + { + "name": "aws_iam_role_arn", + "label": "Type your IAM Role ARN: ", + "type": "text", + "cache": { + "active": true, + "qty": 2, + "newLabel": "Type another IAM Role ARN: " + } + } + ], + "template": "shell-bat", + "templateRelease": "2.17.0" +} \ No newline at end of file diff --git a/vkpr/cert-manager/install/aws/help.json b/vkpr/cert-manager/install/aws/help.json new file mode 100644 index 00000000..8cfcf2e7 --- /dev/null +++ b/vkpr/cert-manager/install/aws/help.json @@ -0,0 +1,4 @@ +{ + "short": "", + "long": "" +} diff --git a/vkpr/cert-manager/install/aws/metadata.json b/vkpr/cert-manager/install/aws/metadata.json new file mode 100755 index 00000000..f6d224df --- /dev/null +++ b/vkpr/cert-manager/install/aws/metadata.json @@ -0,0 +1,18 @@ +{ + "execution": [ + "local" + ], + "os": { + "deps": [], + "support": [ + "mac", + "linux" + ] + }, + "tags": [ + "vkpr", + "cert-manager", + "install", + "aws" + ] +} diff --git a/vkpr/cert-manager/install/aws/src/main.sh b/vkpr/cert-manager/install/aws/src/main.sh new file mode 100755 index 00000000..77b194fb --- /dev/null +++ b/vkpr/cert-manager/install/aws/src/main.sh @@ -0,0 +1,11 @@ +#!/bin/bash + +VKPR_SCRIPTS=~/.vkpr/src + +source $VKPR_SCRIPTS/log.sh +source $VKPR_SCRIPTS/var.sh +source $VKPR_SCRIPTS/helper.sh + +. "$(dirname "$0")"/unix/formula/formula.sh --source-only + +runFormula diff --git a/vkpr/cert-manager/install/aws/src/unix/formula/formula.sh b/vkpr/cert-manager/install/aws/src/unix/formula/formula.sh new file mode 100755 index 00000000..6272966e --- /dev/null +++ b/vkpr/cert-manager/install/aws/src/unix/formula/formula.sh @@ -0,0 +1,67 @@ +#!/bin/sh + +runFormula() { + checkGlobalConfig $EMAIL "default@vkpr.com" "cert-manager.email" "EMAIL" + + startInfos + installCRDS + addCertManager + installCertManager + addTokenDNS + installIssuer +} + +installCRDS() { + echoColor "yellow" "Installing cert-manager CRDS beforehand..." + $VKPR_KUBECTL apply -f "https://github.com/jetstack/cert-manager/releases/download/$VKPR_CERT_VERSION/cert-manager.crds.yaml" +} + +addCertManager() { + registerHelmRepository jetstack https://charts.jetstack.io +} + +installCertManager() { + echoColor "yellow" "Installing cert-manager..." + local VKPR_CERT_MANAGER_VALUES=$(dirname "$0")/utils/cert-manager.yaml + local VKPR_ENV_CERT_ISSUER="$ISSUER" + $VKPR_YQ eval $VKPR_CERT_MANAGER_VALUES \ + | $VKPR_HELM upgrade -i -f - \ + -n cert-manager --create-namespace \ + --set ingressShim.defaultIssuerName="$VKPR_ENV_CERT_ISSUER" \ + --version "$VKPR_CERT_VERSION" \ + --wait \ + cert-manager jetstack/cert-manager +} + + +addTokenDNS() { + local VKPR_CERT_TOKEN=$(dirname "$0")/utils/route53-secret.yaml + local BASE64_ARGS="" # detect OS for proper base64 args + if [[ "$OSTYPE" != "darwin"* ]]; then + BASE64_ARGS="-w0" + fi + echoColor "yellow" "Adding the Token..." + local VKPR_INPUT_SECRET_KEY_BASE64=$(echo "$AWS_SECRET_KEY" | base64 $BASE64_ARGS) + $VKPR_YQ eval '.data.secret-access-key = strenv(VKPR_INPUT_SECRET_KEY_BASE64) | + .data.secret-access-key style = "double"' "$VKPR_CERT_TOKEN" \ + | $VKPR_KUBECTL apply -f - +} + +installIssuer() { + echoColor "yellow" "Installing Issuers and/or ClusterIssuers..." + local VKPR_ISSUER_VALUES=$(dirname "$0")/utils/issuers.yaml + local VKPR_ENV_INPUT_EMAIL="$VKPR_ENV_EMAIL" + $VKPR_YQ eval '.spec.acme.email = "'$VKPR_ENV_INPUT_EMAIL'" | + .spec.acme.solvers[0].dns01.route53.region = "'$AWS_REGION'" | + .spec.acme.solvers[0].dns01.route53.accessKeyID = "'$AWS_ACCESS_KEY'" | + .spec.acme.solvers[0].dns01.route53.role = "'$AWS_IAM_ROLE_ARN'"' "$VKPR_ISSUER_VALUES" \ + | $VKPR_KUBECTL apply -f - +} + +startInfos() { + echo "==============================" + echoColor "bold" "$(echoColor "green" "VKPR Cert-manager Install Routine")" + echoColor "bold" "$(echoColor "blue" "Provider:") AWS" + echoColor "bold" "$(echoColor "blue" "Email:") ${VKPR_ENV_EMAIL}" + echo "==============================" +} diff --git a/vkpr/cert-manager/install/aws/src/utils/IAM-policy.json b/vkpr/cert-manager/install/aws/src/utils/IAM-policy.json new file mode 100644 index 00000000..e4f0aa38 --- /dev/null +++ b/vkpr/cert-manager/install/aws/src/utils/IAM-policy.json @@ -0,0 +1,23 @@ +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": "route53:GetChange", + "Resource": "arn:aws:route53:::change/*" + }, + { + "Effect": "Allow", + "Action": [ + "route53:ChangeResourceRecordSets", + "route53:ListResourceRecordSets" + ], + "Resource": "arn:aws:route53:::hostedzone/*" + }, + { + "Effect": "Allow", + "Action": "route53:ListHostedZonesByName", + "Resource": "*" + } + ] +} \ No newline at end of file diff --git a/vkpr/cert-manager/install/aws/src/utils/cert-manager.yaml b/vkpr/cert-manager/install/aws/src/utils/cert-manager.yaml new file mode 100644 index 00000000..453a5cf9 --- /dev/null +++ b/vkpr/cert-manager/install/aws/src/utils/cert-manager.yaml @@ -0,0 +1,7 @@ +installCRDs: false +ingressShim: + defaultIssuerName: letsencrypt-staging + defaultIssuerKind: ClusterIssuer + defaultIssuerGroup: cert-manager.io +prometheus: + enabled: false diff --git a/vkpr/cert-manager/install/aws/src/utils/issuers.yaml b/vkpr/cert-manager/install/aws/src/utils/issuers.yaml new file mode 100644 index 00000000..241912cc --- /dev/null +++ b/vkpr/cert-manager/install/aws/src/utils/issuers.yaml @@ -0,0 +1,43 @@ +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: letsencrypt-staging + namespace: cert-manager +spec: + acme: + email: user@example.com + server: https://acme-staging-v02.api.letsencrypt.org/directory + privateKeySecretRef: + name: letsencrypt-staging-key + solvers: + - selector: {} + dns01: + route53: + region: + accessKeyID: + secretAccessKeySecretRef: + name: route53-secret + key: secret-access-key + role: +--- +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: letsencrypt-prod + namespace: cert-manager +spec: + acme: + email: user@example.com + server: https://acme-v02.api.letsencrypt.org/directory + privateKeySecretRef: + name: letsencrypt-production-key + solvers: + - selector: {} + dns01: + route53: + region: + accessKeyID: + secretAccessKeySecretRef: + name: route53-secret + key: secret-access-key + role: diff --git a/vkpr/cert-manager/install/aws/src/utils/route53-secret.yaml b/vkpr/cert-manager/install/aws/src/utils/route53-secret.yaml new file mode 100644 index 00000000..178bec31 --- /dev/null +++ b/vkpr/cert-manager/install/aws/src/utils/route53-secret.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Secret +metadata: + name: route53-secret + namespace: cert-manager +type: Opaque +data: + secret-access-key: diff --git a/vkpr/cert-manager/install/custom-acme/src/unix/formula/formula.sh b/vkpr/cert-manager/install/custom-acme/src/unix/formula/formula.sh index 0cf54711..3af69769 100755 --- a/vkpr/cert-manager/install/custom-acme/src/unix/formula/formula.sh +++ b/vkpr/cert-manager/install/custom-acme/src/unix/formula/formula.sh @@ -25,7 +25,7 @@ installCertManager() { -n cert-manager --create-namespace \ --version "$VKPR_CERT_VERSION" \ --wait \ - vkpr-cert-manager jetstack/cert-manager + cert-manager jetstack/cert-manager } installIssuer() { diff --git a/vkpr/cert-manager/install/do/src/unix/formula/formula.sh b/vkpr/cert-manager/install/do/src/unix/formula/formula.sh index ec0a18d1..ff0b85b5 100755 --- a/vkpr/cert-manager/install/do/src/unix/formula/formula.sh +++ b/vkpr/cert-manager/install/do/src/unix/formula/formula.sh @@ -31,7 +31,7 @@ installCertManager() { --set ingressShim.defaultIssuerName="$VKPR_ENV_CERT_ISSUER" \ --version "$VKPR_CERT_VERSION" \ --wait \ - vkpr-cert-manager jetstack/cert-manager + cert-manager jetstack/cert-manager } diff --git a/vkpr/cert-manager/install/do/src/utils/cert-manager-custom-ca.yaml b/vkpr/cert-manager/install/do/src/utils/cert-manager-custom-ca.yaml deleted file mode 100644 index ba0224c7..00000000 --- a/vkpr/cert-manager/install/do/src/utils/cert-manager-custom-ca.yaml +++ /dev/null @@ -1,15 +0,0 @@ -installCRDs: false -ingressShim: - defaultIssuerName: stepissuer - defaultIssuerKind: ClusterIssuer - defaultIssuerGroup: cert-manager.io -prometheus: - enabled: false -volumes: - - name: custom-ca - secret: - secretName: custom-ca-secret -volumeMounts: - - name: custom-ca - mountPath: "/etc/ssl/certs" - readOnly: true