Path: blob/main/install/installer/pkg/components/ws-daemon/tlssecret.go
2501 views
// Copyright (c) 2021 Gitpod GmbH. All rights reserved.1// Licensed under the GNU Affero General Public License (AGPL).2// See License.AGPL.txt in the project root for license information.34package wsdaemon56import (7"fmt"89"github.com/gitpod-io/gitpod/installer/pkg/common"10certmanagerv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1"11cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1"12metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"13"k8s.io/apimachinery/pkg/runtime"14)1516func tlssecret(ctx *common.RenderContext) ([]runtime.Object, error) {17return []runtime.Object{18&certmanagerv1.Certificate{19TypeMeta: common.TypeMetaCertificate,20ObjectMeta: metav1.ObjectMeta{21Name: TLSSecretName,22Namespace: ctx.Namespace,23Labels: common.DefaultLabels(Component),24},25Spec: certmanagerv1.CertificateSpec{26Duration: common.InternalCertDuration,27SecretName: TLSSecretName,28DNSNames: []string{29fmt.Sprintf("gitpod.%s", ctx.Namespace),30fmt.Sprintf("%s.%s.svc", Component, ctx.Namespace),31Component,32"wsdaemon", // Seems this is hardcoded in WSManager33},34IssuerRef: cmmeta.ObjectReference{35Name: common.CertManagerCAIssuer,36Kind: certmanagerv1.ClusterIssuerKind,37Group: "cert-manager.io",38},39SecretTemplate: &certmanagerv1.CertificateSecretTemplate{40Labels: common.DefaultLabels(Component),41},42},43},44}, nil45}464748