postdeploy/helm/certmanagerissuer/templates/clusterissuer-prod.yaml (16 lines of code) (raw):
{{- if .Values.prod -}}
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-prod
spec:
acme:
# The ACME server URL
server: https://acme-v02.api.letsencrypt.org/directory
# Email address used for ACME registration
email: {{ .Values.email }}
# Name of a secret used to store the ACME account private key
privateKeySecretRef:
name: "letsencrypt-prod"
# Enable the HTTP-01 challenge provider
solvers:
#- dns01:
# Add azureDNS resolver for Private endpoints, but this need to be fixed: https://github.com/cert-manager/website/issues/662
#azureDNS:
# clientID: $(az aks show -g az-k8s-e0hm-rg -n aks-az-k8s-e0hm --query identityProfile.kubeletidentity.clientId -o tsv)
# subscriptionID: 2d5bb2c8-8be8-4539-b48f-fbfd86852fa9
# resourceGroupName: domainssl
# hostedZoneName: azdemo.co.uk
- http01:
ingress:
class: {{ .Values.ingressClass }}
{{- end }}