feat: provide the cert-issuer as a variable

mrsimonemms · Nov 1, 2024 · 0186791 · 0186791
1 parent 1fd6a34
commit 0186791
Show file tree

Hide file tree

Showing 5 changed files with 11 additions and 2 deletions.
diff --git a/modules/kubernetes/README.md b/modules/kubernetes/README.md
@@ -38,6 +38,7 @@ No modules.
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_argocd_version"></a> [argocd\_version](#input\_argocd\_version) | Version of ArgoCD to use - defaults to latest | `string` | `null` | no |
+| <a name="input_cluster_issuer"></a> [cluster\_issuer](#input\_cluster\_issuer) | Cluster issuer to use for certificate | `string` | `"letsencrypt-staging"` | no |
 | <a name="input_domain"></a> [domain](#input\_domain) | Domain to use - this may be a top-level or subdomain | `string` | n/a | yes |
 | <a name="input_hcloud_network_name"></a> [hcloud\_network\_name](#input\_hcloud\_network\_name) | Name of the network | `string` | n/a | yes |
 | <a name="input_hcloud_token"></a> [hcloud\_token](#input\_hcloud\_token) | Write token for the Hetzner API | `string` | n/a | yes |

diff --git a/modules/kubernetes/argocd.tf b/modules/kubernetes/argocd.tf
@@ -28,7 +28,8 @@ resource "helm_release" "argocd" {
 
   values = [
     templatefile("${path.module}/files/argocd.yaml", {
-      domain = "argocd.${var.domain}"
+      cluster_issuer = var.cluster_issuer
+      domain         = "argocd.${var.domain}"
     })
   ]
 }
diff --git a/modules/kubernetes/files/argocd.yaml b/modules/kubernetes/files/argocd.yaml
@@ -17,7 +17,7 @@ server:
       nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
       nginx.ingress.kubernetes.io/backend-protocol: HTTP
       kubernetes.io/tls-acme: "true"
-      cert-manager.io/cluster-issuer: letsencrypt
+      cert-manager.io/cluster-issuer: ${cluster_issuer}
     tls: true
     extraTLS:
       - hosts:

diff --git a/modules/kubernetes/variables.tf b/modules/kubernetes/variables.tf
@@ -18,6 +18,12 @@ variable "argocd_version" {
   default     = null
 }
 
+variable "cluster_issuer" {
+  type        = string
+  description = "Cluster issuer to use for certificate"
+  default     = "letsencrypt-staging"
+}
+
 variable "domain" {
   type        = string
   description = "Domain to use - this may be a top-level or subdomain"

diff --git a/stacks/prod/kubernetes/terragrunt.hcl b/stacks/prod/kubernetes/terragrunt.hcl
@@ -32,6 +32,7 @@ dependency "hetzner" {
 }
 
 inputs = {
+  cluster_issuer         = "letsencrypt"
   domain                 = "prod.simonemms.com"
   hcloud_network_name    = dependency.hetzner.outputs.hcloud_network_name
   k3s_cluster_cidr       = dependency.hetzner.outputs.k3s_cluster_cidr