Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
gitpod-io
GitHub Repository: gitpod-io/gitpod
 Path: blob/main/install/installer/pkg/components/ws-manager-mk2/tlssecret.go
2501 views
1
// Copyright (c) 2021 Gitpod GmbH. All rights reserved.

2
// Licensed under the GNU Affero General Public License (AGPL).

3
// See License-AGPL.txt in the project root for license information.

4


5
package wsmanagermk2

6


7
import (

8
	"fmt"

9


10
	"github.com/gitpod-io/gitpod/installer/pkg/common"

11


12
	certmanagerv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1"

13
	cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1"

14
	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"

15
	"k8s.io/apimachinery/pkg/runtime"

16
)

17


18
func tlssecret(ctx *common.RenderContext) ([]runtime.Object, error) {

19
	serverAltNames := []string{

20
		fmt.Sprintf("gitpod.%s", ctx.Namespace),

21
		fmt.Sprintf("%s.%s.svc", Component, ctx.Namespace),

22
		Component,

23
		fmt.Sprintf("%s-dev", Component),

24
		fmt.Sprintf("%s.%s.svc", "ws-manager", ctx.Namespace),

25
		"ws-manager",

26
		fmt.Sprintf("%s-dev", "ws-manager"),

27
	}

28
	clientAltNames := []string{

29
		common.RegistryFacadeComponent,

30
		common.ServerComponent,

31
		common.WSManagerBridgeComponent,

32
		common.ImageBuilderComponent,

33
		common.WSProxyComponent,

34
		Component,

35
	}

36


37
	issuer := common.CertManagerCAIssuer

38


39
	return []runtime.Object{

40
		&certmanagerv1.Certificate{

41
			TypeMeta: common.TypeMetaCertificate,

42
			ObjectMeta: metav1.ObjectMeta{

43
				Name:      TLSSecretNameSecret,

44
				Namespace: ctx.Namespace,

45
				Labels:    common.DefaultLabels(Component),

46
			},

47
			Spec: certmanagerv1.CertificateSpec{

48
				Duration:   common.InternalCertDuration,

49
				SecretName: TLSSecretNameSecret,

50
				DNSNames:   serverAltNames,

51
				IssuerRef: cmmeta.ObjectReference{

52
					Name:  issuer,

53
					Kind:  certmanagerv1.ClusterIssuerKind,

54
					Group: "cert-manager.io",

55
				},

56
			},

57
		},

58
		&certmanagerv1.Certificate{

59
			TypeMeta: common.TypeMetaCertificate,

60
			ObjectMeta: metav1.ObjectMeta{

61
				Name:      Component,

62
				Namespace: ctx.Namespace,

63
				Labels:    common.DefaultLabels(Component),

64
			},

65
			Spec: certmanagerv1.CertificateSpec{

66
				Duration:   common.InternalCertDuration,

67
				SecretName: TLSSecretNameClient,

68
				DNSNames:   clientAltNames,

69
				IssuerRef: cmmeta.ObjectReference{

70
					Name:  issuer,

71
					Kind:  certmanagerv1.ClusterIssuerKind,

72
					Group: "cert-manager.io",

73
				},

74
			},

75
		},

76
	}, nil

77
}

78


79