| ktimoney | d27589c | 2022-12-12 15:02:27 +0000 | [diff] [blame^] | 1 | #!/bin/sh |
| 2 | # |
| 3 | # ============LICENSE_START======================================================= |
| 4 | # Copyright (C) 2022 Nordix Foundation. |
| 5 | # ================================================================================ |
| 6 | # Licensed under the Apache License, Version 2.0 (the "License"); |
| 7 | # you may not use this file except in compliance with the License. |
| 8 | # You may obtain a copy of the License at |
| 9 | # |
| 10 | # http://www.apache.org/licenses/LICENSE-2.0 |
| 11 | # |
| 12 | # Unless required by applicable law or agreed to in writing, software |
| 13 | # distributed under the License is distributed on an "AS IS" BASIS, |
| 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 15 | # See the License for the specific language governing permissions and |
| 16 | # limitations under the License. |
| 17 | # |
| 18 | # SPDX-License-Identifier: Apache-2.0 |
| 19 | # ============LICENSE_END========================================================= |
| 20 | # |
| 21 | |
| 22 | cfssl gencert -initca ./ca-csr.json | cfssljson -bare ca |
| 23 | |
| 24 | cfssl gencert \ |
| 25 | -ca=ca.pem \ |
| 26 | -ca-key=ca-key.pem \ |
| 27 | -config=ca-config.json \ |
| 28 | -hostname="jwt-proxy-admission-controller,jwt-proxy-admission-controller.default.svc.cluster.local,jwt-proxy-admission-controller.default.svc,localhost,127.0.0.1" \ |
| 29 | -profile=default \ |
| 30 | ca-csr.json | cfssljson -bare webhook-cert |
| 31 | |
| 32 | |
| 33 | cat <<EOF > rapps-webhook-tls.yaml |
| 34 | apiVersion: v1 |
| 35 | kind: Secret |
| 36 | metadata: |
| 37 | name: webhook-cert |
| 38 | type: Opaque |
| 39 | data: |
| 40 | tls.crt: $(cat webhook-cert.pem | base64 | tr -d '\n') |
| 41 | tls.key: $(cat webhook-cert-key.pem | base64 | tr -d '\n') |
| 42 | EOF |
| 43 | |
| 44 | ca_pem_b64="$(openssl base64 -A <"ca.pem")" |
| 45 | echo $ca_pem_b64 |