Loading helm/vault-job/vault-job.yaml +12 −7 Original line number Diff line number Diff line Loading @@ -3,7 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: vault-prepare-certs namespace: mon namespace: ocf-vault labels: io.kompose.service: api-invocation-logs app: capif Loading @@ -25,8 +25,15 @@ data: # to execute the next commands in vault # otherwise, if use the vault as dev's mode. Just # type the token's dev. export VAULT_TOKEN="dev-only-token" export DOMAIN1=capif.mobilesandbox.cloud export VAULT_TOKEN="hvs.mn50Q8kpMuxsPUsCNlwQekCd" export DOMAIN1=*.pre-prod.int export DOMAIN2=*.staging.int export DOMAIN3=*.developer.int # local domains # export DOMAIN4=*.pre-prod.svc.cluster.local # export DOMAIN5=*.staging.svc.cluster.local # export DOMAIN6=*.developer.svc.cluster.local vault secrets enable pki Loading Loading @@ -69,7 +76,7 @@ data: vault write pki_int/intermediate/set-signed certificate=@capif_intermediate.cert.pem #Crear rol en Vault vault write pki_int/roles/my-ca use_csr_common_name=false require_cn=false allowed_domains="*" allow_any_name=true allow_bare_domains=true allow_glob_domains=true allow_subdomains=true max_ttl=4300h ttl=4300h vault write pki_int/roles/my-ca use_csr_common_name=true require_cn=false allowed_domains="*" allow_any_name=true allow_bare_domains=true allow_glob_domains=true allow_subdomains=true max_ttl=4300h ttl=4300h # Emitir un certificado firmado por la CA intermedia # vault write -format=json pki_int/issue/my-ca \ Loading Loading @@ -119,8 +126,6 @@ data: DNS.3 = \$ENV::DOMAIN3 EOF export DOMAIN2=nginx.mon.svc.cluster.local export DOMAIN3=nginx.mon-staging.svc.cluster.local export COUNTRY=ES # 2 letter country-code export STATE=Madrid # state or province name export LOCALITY=Madrid # Locality Name (e.g. city) Loading Loading @@ -222,7 +227,7 @@ apiVersion: batch/v1 kind: Job metadata: name: vault-pki namespace: mon namespace: ocf-vault labels: io.kompose.service: vault-pki app: capif Loading Loading
helm/vault-job/vault-job.yaml +12 −7 Original line number Diff line number Diff line Loading @@ -3,7 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: vault-prepare-certs namespace: mon namespace: ocf-vault labels: io.kompose.service: api-invocation-logs app: capif Loading @@ -25,8 +25,15 @@ data: # to execute the next commands in vault # otherwise, if use the vault as dev's mode. Just # type the token's dev. export VAULT_TOKEN="dev-only-token" export DOMAIN1=capif.mobilesandbox.cloud export VAULT_TOKEN="hvs.mn50Q8kpMuxsPUsCNlwQekCd" export DOMAIN1=*.pre-prod.int export DOMAIN2=*.staging.int export DOMAIN3=*.developer.int # local domains # export DOMAIN4=*.pre-prod.svc.cluster.local # export DOMAIN5=*.staging.svc.cluster.local # export DOMAIN6=*.developer.svc.cluster.local vault secrets enable pki Loading Loading @@ -69,7 +76,7 @@ data: vault write pki_int/intermediate/set-signed certificate=@capif_intermediate.cert.pem #Crear rol en Vault vault write pki_int/roles/my-ca use_csr_common_name=false require_cn=false allowed_domains="*" allow_any_name=true allow_bare_domains=true allow_glob_domains=true allow_subdomains=true max_ttl=4300h ttl=4300h vault write pki_int/roles/my-ca use_csr_common_name=true require_cn=false allowed_domains="*" allow_any_name=true allow_bare_domains=true allow_glob_domains=true allow_subdomains=true max_ttl=4300h ttl=4300h # Emitir un certificado firmado por la CA intermedia # vault write -format=json pki_int/issue/my-ca \ Loading Loading @@ -119,8 +126,6 @@ data: DNS.3 = \$ENV::DOMAIN3 EOF export DOMAIN2=nginx.mon.svc.cluster.local export DOMAIN3=nginx.mon-staging.svc.cluster.local export COUNTRY=ES # 2 letter country-code export STATE=Madrid # state or province name export LOCALITY=Madrid # Locality Name (e.g. city) Loading Loading @@ -222,7 +227,7 @@ apiVersion: batch/v1 kind: Job metadata: name: vault-pki namespace: mon namespace: ocf-vault labels: io.kompose.service: vault-pki app: capif Loading
