diff --git a/charts/plugin-barman-cloud/README.md b/charts/plugin-barman-cloud/README.md index 7b39ab9ac7..0f78b65363 100644 --- a/charts/plugin-barman-cloud/README.md +++ b/charts/plugin-barman-cloud/README.md @@ -27,6 +27,7 @@ Helm Chart for CloudNativePG's CNPG-I backup plugin using Barman Cloud | affinity | object | `{}` | Affinity for the operator to be installed. | | certificate.createClientCertificate | bool | `true` | Specifies whether the client certificate should be created. | | certificate.createServerCertificate | bool | `true` | Specifies whether the server certificate should be created. | +| certificate.createIssuer | bool | `true` | Specifies whether the issuer object should be created. | | certificate.duration | string | `"2160h"` | The duration of the certificates. | | certificate.issuerName | string | `"selfsigned-issuer"` | The name of the issuer to use for the certificates. | | certificate.renewBefore | string | `"360h"` | The renew before time for the certificates. | diff --git a/charts/plugin-barman-cloud/templates/certificate-issuer.yaml b/charts/plugin-barman-cloud/templates/certificate-issuer.yaml index 64f078e8e6..8ae9132261 100644 --- a/charts/plugin-barman-cloud/templates/certificate-issuer.yaml +++ b/charts/plugin-barman-cloud/templates/certificate-issuer.yaml @@ -16,11 +16,13 @@ # # SPDX-License-Identifier: Apache-2.0 # +{{- if .Values.certificate.createIssuer }} --- apiVersion: cert-manager.io/v1 kind: Issuer metadata: - name: {{ include "plugin-barman-cloud.fullname" . }}-selfsigned-issuer + name: {{ include "plugin-barman-cloud.fullname" . }}-{{ .Values.certificate.issuerName }} namespace: {{ include "plugin-barman-cloud.namespace" . }} spec: selfSigned: {} +{{- end }} diff --git a/charts/plugin-barman-cloud/templates/client-certificate.yaml b/charts/plugin-barman-cloud/templates/client-certificate.yaml index 5f4aeafe76..baa41db48b 100644 --- a/charts/plugin-barman-cloud/templates/client-certificate.yaml +++ b/charts/plugin-barman-cloud/templates/client-certificate.yaml @@ -30,7 +30,7 @@ spec: issuerRef: group: cert-manager.io kind: Issuer - name: {{ include "plugin-barman-cloud.fullname" . }}-selfsigned-issuer + name: {{ include "plugin-barman-cloud.fullname" . }}-{{ .Values.certificate.issuerName }} renewBefore: {{ .Values.certificate.renewBefore | default "360h" }} secretName: barman-cloud-client-tls usages: diff --git a/charts/plugin-barman-cloud/templates/server-certificate.yaml b/charts/plugin-barman-cloud/templates/server-certificate.yaml index e82eaa34ba..b34d2f6a04 100644 --- a/charts/plugin-barman-cloud/templates/server-certificate.yaml +++ b/charts/plugin-barman-cloud/templates/server-certificate.yaml @@ -32,7 +32,7 @@ spec: issuerRef: group: cert-manager.io kind: Issuer - name: {{ include "plugin-barman-cloud.fullname" . }}-selfsigned-issuer + name: {{ include "plugin-barman-cloud.fullname" . }}-{{ .Values.certificate.issuerName }} renewBefore: {{ .Values.certificate.renewBefore | default "360h" }} secretName: barman-cloud-server-tls usages: diff --git a/charts/plugin-barman-cloud/values.schema.json b/charts/plugin-barman-cloud/values.schema.json index 112c01ae19..319dece81f 100644 --- a/charts/plugin-barman-cloud/values.schema.json +++ b/charts/plugin-barman-cloud/values.schema.json @@ -41,6 +41,13 @@ "title": "createServerCertificate", "type": "boolean" }, + "createIssuer": { + "default": true, + "description": "Specifies whether the issuer object should be created.", + "required": [], + "title": "createIssuer", + "type": "boolean" + }, "duration": { "default": "2160h", "description": "The duration of the certificates.", @@ -66,6 +73,7 @@ "required": [ "createClientCertificate", "createServerCertificate", + "createIssuer", "issuerName", "duration", "renewBefore" diff --git a/charts/plugin-barman-cloud/values.yaml b/charts/plugin-barman-cloud/values.yaml index ea37056316..3362fcf38c 100644 --- a/charts/plugin-barman-cloud/values.yaml +++ b/charts/plugin-barman-cloud/values.yaml @@ -189,6 +189,8 @@ certificate: createClientCertificate: true # -- Specifies whether the server certificate should be created. createServerCertificate: true + # -- Specifies whether the issuer should be created. + createIssuer: true # -- The name of the issuer to use for the certificates. issuerName: selfsigned-issuer # -- The duration of the certificates.