argoyle
58b04fe47e
Add TLS configuration for staging-shiny and staging-shiny-api hosts in the ingress resources. Create a new namespace for ingress-nginx to better organize resources. Update kustomization files to include new certificates and secrets. Streamline setup process with improved wait commands for pod readiness.
908 B
908 B
Certificates
This section contains the CA certificates used for testing. The only step necessary is to install the CA. The rest of the documentation is for reference.
Setup
First we generate a key for our CA certificate:
openssl genrsa -out local-ca.key 2048
Then generate the CA certificate:
openssl req -new -x509 -nodes -days 365000 \
-key local-ca.key \
-out local-ca.pem
Generate a k8s secret:
kubectl create secret generic ca-key-pair2 \
--from-literal=tls.crt="$(cat local-ca.pem)" \
--from-literal=tls.key="$(cat local-ca.key)"
The certificates.yaml contains the secrets already and wil be used by cert-manager to sign certificates.
Install and trust the CA
sudo security add-trusted-cert -d -r trustRoot -k "/Library/Keychains/System.keychain" local-ca.pem