devops-stack-module-cert-manager
A DevOps Stack module for installing and configuring cert-manager.
The cert-manager chart used by this module is shipped in this repository as well, in order to avoid any unwanted behaviors caused by unsupported versions.
| Current Chart Version | Original Repository | Default Values |
|---|---|---|
1.16.1 |
Since this module is meant to be instantiated using its variants, the usage documentation is available in each variant ( AKS | EKS | Scaleway | Self-signed | SKS ).
Below you will only find the technical reference automatically generated from the *.tf files on the root module.
Technical Documentation
Resources
The following resources are used by this module:
-
argocd_application.this (resource)
-
argocd_project.this (resource)
-
null_resource.dependencies (resource)
-
null_resource.this (resource)
-
utils_deep_merge_yaml.values (data source)
Optional Inputs
The following input variables are optional (have default values):
argocd_project
Description: Name of the Argo CD AppProject where the Application should be created. If not set, the Application will be created in a new AppProject only for this Application.
Type: string
Default: null
argocd_labels
Description: Labels to attach to the Argo CD Application resource.
Type: map(string)
Default: {}
destination_cluster
Description: Destination cluster where the application should be deployed.
Type: string
Default: "in-cluster"
target_revision
Description: Override of target revision of the application chart.
Type: string
Default: "v9.0.2"
enable_service_monitor
Description: Enable Prometheus ServiceMonitor in the Helm chart.
Type: bool
Default: true
deep_merge_append_list
Description: A boolean flag to enable/disable appending lists instead of overwriting them.
Type: bool
Default: false
app_autosync
Description: Automated sync options for the Argo CD Application resource.
Type:
object({
allow_empty = optional(bool)
prune = optional(bool)
self_heal = optional(bool)
})Default:
{
"allow_empty": false,
"prune": true,
"self_heal": true
}dependency_ids
Description: IDs of the other modules on which this module depends on.
Type: map(string)
Default: {}
resources
Description: Resource limits and requests for cert-manager’s components. Follow the style on official documentation to understand the format of the values.
| These are not production values. You should always adjust them to your needs. |
Type:
object({
controller = optional(object({
requests = optional(object({
cpu = optional(string, "50m")
memory = optional(string, "128Mi")
}), {})
limits = optional(object({
cpu = optional(string)
memory = optional(string, "128Mi")
}), {})
}), {})
webhook = optional(object({
requests = optional(object({
cpu = optional(string, "50m")
memory = optional(string, "128Mi")
}), {})
limits = optional(object({
cpu = optional(string)
memory = optional(string, "128Mi")
}), {})
}), {})
cainjector = optional(object({
requests = optional(object({
cpu = optional(string, "50m")
memory = optional(string, "128Mi")
}), {})
limits = optional(object({
cpu = optional(string)
memory = optional(string, "128Mi")
}), {})
}), {})
startupapicheck = optional(object({
requests = optional(object({
cpu = optional(string, "50m")
memory = optional(string, "128Mi")
}), {})
limits = optional(object({
cpu = optional(string)
memory = optional(string, "128Mi")
}), {})
}), {})
})Default: {}
replicas
Description: Number of replicas for cert-manager’s components.
Type:
object({
controller = optional(number, 1)
webhook = optional(number, 1)
cainjector = optional(number, 1)
})Default: {}
letsencrypt_issuer_email_main
Description: E-mail address used to register with Let’s Encrypt.
Type: string
Default: null
use_default_dns01_solver
Description: Whether to use the default dns01 solver configuration.
Type: bool
Default: true
use_default_http01_solver
Description: Whether to use the default http01 solver configuration.
Type: bool
Default: true
custom_solver_configurations
Description: List of additional solver configurations, appended to the default dns01 and http01 solvers (if enabled).
Type: list(any)
Default: []
Outputs
The following outputs are exported:
id
Description: ID to pass other modules in order to refer to this module as a dependency.
cluster_issuers
Description: List of cluster issuers created by cert-manager.
Reference in table format
Show tables
= Requirements
| Name | Version |
|---|---|
>= 6 |
|
>= 3 |
|
>= 1 |
= Providers
| Name | Version |
|---|---|
>= 3 |
|
>= 6 |
|
>= 1 |
= Resources
| Name | Type |
|---|---|
resource |
|
resource |
|
resource |
|
resource |
|
data source |
= Inputs
| Name | Description | Type | Default | Required | ||
|---|---|---|---|---|---|---|
Name of the Argo CD AppProject where the Application should be created. If not set, the Application will be created in a new AppProject only for this Application. |
|
|
no |
|||
Labels to attach to the Argo CD Application resource. |
|
|
no |
|||
Destination cluster where the application should be deployed. |
|
|
no |
|||
Override of target revision of the application chart. |
|
|
no |
|||
Enable Prometheus ServiceMonitor in the Helm chart. |
|
|
no |
|||
Helm values, passed as a list of HCL structures. |
|
|
no |
|||
A boolean flag to enable/disable appending lists instead of overwriting them. |
|
|
no |
|||
Automated sync options for the Argo CD Application resource. |
|
|
no |
|||
IDs of the other modules on which this module depends on. |
|
|
no |
|||
Resource limits and requests for cert-manager’s components. Follow the style on official documentation to understand the format of the values.
|
|
|
no |
|||
Number of replicas for cert-manager’s components. |
|
|
no |
|||
E-mail address used to register with Let’s Encrypt. |
|
|
no |
|||
Whether to use the default dns01 solver configuration. |
|
|
no |
|||
Whether to use the default http01 solver configuration. |
|
|
no |
|||
List of additional solver configurations, appended to the default dns01 and http01 solvers (if enabled). |
|
|
no |
= Outputs
| Name | Description |
|---|---|
ID to pass other modules in order to refer to this module as a dependency. |
|
List of cluster issuers created by cert-manager. |