{"id":44502991,"url":"https://github.com/abiondevelopment/cert-manager-webhook-abion","last_synced_at":"2026-02-13T07:58:15.122Z","repository":{"id":228950535,"uuid":"769160941","full_name":"abiondevelopment/cert-manager-webhook-abion","owner":"abiondevelopment","description":"A cert-manager ACME DNS01 webhook for Abion","archived":false,"fork":false,"pushed_at":"2025-09-26T12:49:01.000Z","size":190,"stargazers_count":2,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-09-26T13:23:37.198Z","etag":null,"topics":["acme","cert-manager","cert-manager-webhook"],"latest_commit_sha":null,"homepage":"https://abion.com","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/abiondevelopment.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-03-08T13:20:54.000Z","updated_at":"2025-09-26T12:45:39.000Z","dependencies_parsed_at":"2024-04-18T13:41:34.234Z","dependency_job_id":"9156c866-8bdc-4c0a-a2d8-f70685232fd6","html_url":"https://github.com/abiondevelopment/cert-manager-webhook-abion","commit_stats":null,"previous_names":["abiondevelopment/cert-manager-webhook-abion"],"tags_count":7,"template":false,"template_full_name":null,"purl":"pkg:github/abiondevelopment/cert-manager-webhook-abion","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abiondevelopment%2Fcert-manager-webhook-abion","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abiondevelopment%2Fcert-manager-webhook-abion/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abiondevelopment%2Fcert-manager-webhook-abion/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abiondevelopment%2Fcert-manager-webhook-abion/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/abiondevelopment","download_url":"https://codeload.github.com/abiondevelopment/cert-manager-webhook-abion/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abiondevelopment%2Fcert-manager-webhook-abion/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29399426,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-13T06:24:03.484Z","status":"ssl_error","status_checked_at":"2026-02-13T06:23:12.830Z","response_time":78,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["acme","cert-manager","cert-manager-webhook"],"created_at":"2026-02-13T07:58:14.417Z","updated_at":"2026-02-13T07:58:15.116Z","avatar_url":"https://github.com/abiondevelopment.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/cert-manager-webhook-abion)](https://artifacthub.io/packages/search?repo=cert-manager-webhook-abion)\n\n# ACME webhook for Abion (cert-manager-webhook-abion)\n`cert-manager-webhook-abion` is an ACME webhook for [cert-manager]. It provides an ACME webhook for [cert-manager], which \nallows using a `DNS-01 challange` with [Abion]. Internally, the cert-manager-webhook-abion uses the \nAbion API to communicate with [Abion API].\n\n## Release History\nRefer to the [CHANGELOG](CHANGELOG.md) file.\n\n## Building\nBuild the docker image `abiondevelopment/cert-manager-webhook-abion:latest`:\n\n```\nmake build\n```\n\n## Docker images\nPrebuilt docker images can be found on [Docker Hub]\n\n## Compatibility\nThis webhook has been tested with [cert-manager] v1.14.4 and [minikube] v1.32.0 on Darwin 13.3 (arm64). In theory, it \nshould work on other hardware platforms as well but no steps have been taken to verify this.\n\n## Test\n\n### Testing with Minikube\n1. Build this webhook in Minikube:\n\n   ```\n   minikube start --memory=4G \n   eval $(minikube docker-env) \n   make build \n   ```\n\n2. Install [cert-manager] with [Helm]:\n\n   ```\n   helm repo add jetstack https://charts.jetstack.io\n\n   helm install cert-manager jetstack/cert-manager \\\n       --namespace cert-manager \\\n       --create-namespace \\\n       --set installCRDs=true \\\n       --version v1.14.4 \\\n       --set 'extraArgs={--dns01-recursive-nameservers=8.8.8.8:53\\,1.1.1.1:53}'\n\n   kubectl get pods --namespace cert-manager --watch\n   ```\n   **Note!**: refer to Name servers in the official [documentation][setting-nameservers-for-dns01-self-check] according the `extraArgs`.  \n\n3. Check the state and ensure that all pods are running fine (watch out for any issues regarding the `cert-manager-webhook-` pod and its volume mounts):\n   \n   ```   \n   kubectl describe pods -n cert-manager | less\n   ```\n\n4. Create the Abion API key secret in same namespace (Replace the \u003cABION-API-KEY\u003e with a valid API key. You *must* have an Abion account to retrieve an API key. Contact [Abion] for help how to create an account and API key):\n\n   ```\n   kubectl create secret generic abion-credentials \\\n      --namespace cert-manager --from-literal=apiKey='\u003cABION-API-KEY\u003e'\n   ```\n   **Note!** The `Secret` must reside in the same namespace as `cert-manager`.\n\n5. Deploy the abion cert-manager-webhook (Set `logLevel` to 6 for verbose logs):\n\n   *The `features.apiPriorityAndFairness` argument must be removed or set to `false` for Kubernetes older than 1.20.*\n   ```\n   helm install cert-manager-webhook-abion \\\n      --namespace cert-manager \\\n      --set features.apiPriorityAndFairness=true \\\n      --set image.repository=abiondevelopment/cert-manager-webhook-abion \\\n      --set image.tag=latest \\\n      --set logLevel=2 \\\n      ./deploy/cert-manager-webhook-abion \n   ```\n\n   To deploy using the image from Docker Hub (for example using the `1.2.0` tag):\n\n   ```\n   helm install cert-manager-webhook-abion \\\n       --namespace cert-manager \\\n       --set features.apiPriorityAndFairness=true \\\n       --set image.tag=1.2.0 \\\n       --set logLevel=2 \\\n       ./deploy/cert-manager-webhook-abion\n   ```\n\n   Check the logs\n   ```\n   kubectl get pods --namespace cert-manager --watch\n   kubectl logs --namespace cert-manager cert-manager-webhook-abion-XYZ\n   ```\n   \n6. Create a staging cluster issuer.\n\n   See [letsencrypt-staging-clusterissuer.yaml](example/issuers/letsencrypt-staging-clusterissuer.yaml)\n\n   Don't forget to replace email `invalid@example.com`.\n   ```\n   kubectl apply -f ./example/issuers/letsencrypt-staging-clusterissuer.yaml\n   ```\n\n   Check status of the Issuer:\n   ```\n   kubectl describe clusterissuer letsencrypt-staging\n   ```\n\n   *Note*: The production Issuer is [similar][ACME documentation].\n\n7. Issue a [Certificate] for your domain\n\n   Replace dnsNames `example.com` in the [certif-example-com-clusterissuer.yaml](example/certificates/certif-example-com-clusterissuer.yaml)\n\n   Create the Certificate:\n   ```\n   kubectl apply -f ./example/certificates/certif-example-com-clusterissuer.yaml\n   ```\n   \n   Check the status of the Certificate:\n   ```\n   kubectl describe certificate example-com\n   ```\n\n   Display the details like the common name and subject alternative names:\n   \n   ```\n   kubectl get secret example-com-tls -o yaml\n   ```\n\n8. Uninstall this webhook:\n\n   ```\n   helm uninstall cert-manager-webhook-abion --namespace cert-manager\n   kubectl delete secret abion-credentials --namespace cert-manager\n   ```\n\n\n### Conformance test\n\nPlease note that the test is not a typical unit nor integration test. Instead, it invokes the webhook in a Kubernetes-like environment which asks the webhook to send a request the DNS provider (i.e. Abion). \nThe test creates a `TXT` zone record `cert-manager-dns01-tests.example.com` with a specific challenge key, verifies the presence of that record via Google DNS. Finally, it removes the entry by calling the cleanup method of the web hook.\n\nAs said above, the conformance test is run against the real [Abion API]. Therefore, you *must* have an Abion account, a domain (and zone) and an API key.\n\nTo run the conformance test you need to update abion-credentials.yaml and replace the `\u003cABION-API-KEY\u003e` with a valid API Key, change the `example.com.` zone name with a valid one before you can run the test by executing: \n\n```\nTEST_ZONE_NAME=example.com. ABION_API_HOST=https://api.abion.com ABION_API_TIMEOUT=10 make test\n```\n\n## Release\nThis project uses **Git tags** to drive both Docker image publishing and Helm chart releases.\n\n### 1.Prepare Helm Chart\nBefore creating a release, update the chart metadata in\n[`deploy/cert-manager-webhook-abion/Chart.yaml`](deploy/cert-manager-webhook-abion/Chart.yaml):\n\n```yaml\nversion: 1.3.0      # match the new release version (SemVer, no leading v)\nappVersion: \"1.3.0\" # match the new release version (SemVer, no leading v)\n```\n### 2. Create a Git tag\nCreate a new Git tag for the new release:\n```bash\ngit add deploy/cert-manager-webhook-abion/Chart.yaml\ngit commit -m \"Release v1.3.0\"\ngit tag v1.3.0\ngit push origin main --tags\n```\n\n[ACME documentation]: https://cert-manager.io/docs/configuration/acme/\n[Certificate]: https://cert-manager.io/docs/usage/certificate/\n[cert-manager]: https://cert-manager.io/\n[Abion]: https://abion.com/\n[Abion API]: https://demo.abion.com/pmapi-doc/\n[Docker Hub]: https://hub.docker.com/r/abiondevelopment/cert-manager-webhook-abion\n[Helm]: https://helm.sh\n[image tags]: https://hub.docker.com/r/abiondevelopment/cert-manager-webhook-abion\n[minikube]: https://minikube.sigs.k8s.io/\n[setting-nameservers-for-dns01-self-check]: https://cert-manager.io/docs/configuration/acme/dns01/#setting-nameservers-for-dns01-self-check","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fabiondevelopment%2Fcert-manager-webhook-abion","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fabiondevelopment%2Fcert-manager-webhook-abion","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fabiondevelopment%2Fcert-manager-webhook-abion/lists"}