{"id":13983709,"url":"https://github.com/scaleway/cert-manager-webhook-scaleway","last_synced_at":"2025-12-30T01:21:52.951Z","repository":{"id":43887826,"uuid":"314000832","full_name":"scaleway/cert-manager-webhook-scaleway","owner":"scaleway","description":"A Scaleway DNS ACME webhook for cert-manager","archived":false,"fork":false,"pushed_at":"2024-05-08T19:44:27.000Z","size":147,"stargazers_count":34,"open_issues_count":1,"forks_count":16,"subscribers_count":19,"default_branch":"main","last_synced_at":"2024-08-09T05:09:29.674Z","etag":null,"topics":["cert-manager","cert-manager-webhook","dns","scaleway"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/scaleway.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-11-18T17:00:00.000Z","updated_at":"2024-08-03T18:54:21.000Z","dependencies_parsed_at":"2024-04-09T21:47:33.210Z","dependency_job_id":"4e596457-d9e8-4804-ae58-c8b3d024510c","html_url":"https://github.com/scaleway/cert-manager-webhook-scaleway","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scaleway%2Fcert-manager-webhook-scaleway","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scaleway%2Fcert-manager-webhook-scaleway/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scaleway%2Fcert-manager-webhook-scaleway/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scaleway%2Fcert-manager-webhook-scaleway/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/scaleway","download_url":"https://codeload.github.com/scaleway/cert-manager-webhook-scaleway/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":226998803,"owners_count":17715389,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cert-manager","cert-manager-webhook","dns","scaleway"],"created_at":"2024-08-09T05:01:52.270Z","updated_at":"2025-12-30T01:21:52.895Z","avatar_url":"https://github.com/scaleway.png","language":"Go","funding_links":[],"categories":["Go"],"sub_categories":[],"readme":"# cert-manager Webhook for Scaleway DNS\n\ncert-manager Webhook for Scaleway DNS is a ACME [webhook](https://cert-manager.io/docs/configuration/acme/dns01/webhook/) for [cert-manager](https://cert-manager.io/) allowing users to use [Scaleway DNS](https://www.scaleway.com/en/docs/scaleway-dns/) for DNS01 challenge.\n\n## Getting started\n\n### Prerequisites\n\n- A [Scaleway Access Key and a Scaleway Secret Key](https://www.scaleway.com/en/docs/generate-api-keys/)\n- A valid domain configured on [Scaleway DNS](https://www.scaleway.com/en/docs/scaleway-dns/)\n- A Kubernetes cluster (v1.29+ recommended)\n- [Helm 3](https://helm.sh/) [installed](https://helm.sh/docs/intro/install/) on your computer\n- cert-manager [deployed](https://cert-manager.io/docs/installation/) on the cluster\n\n### Installing\n\n\u003e Attention: starting from `0.1.0` the chart's name is now named `scaleway-certmanager-webhook`, if upgrading from an older version you might want to add `--set nameOverride=scaleway-webhook` \n\n- Add scaleway's helm chart repository:\n\n```bash\nhelm repo add scaleway https://helm.scw.cloud/\nhelm repo update\n```\n\n- Install the chart\n\n```bash\nhelm install scaleway-certmanager-webhook scaleway/scaleway-certmanager-webhook\n```\n\n- Alternatively, you can install the webhook with default credentials with: \n\n```bash\nhelm install scaleway-certmanager-webhook scaleway/scaleway-certmanager-webhook --set secret.accessKey=\u003cYOUR-ACCESS-KEY\u003e --set secret.secretKey=\u003cYOUR-SECRET_KEY\u003e\n```\n\nThe Scaleway Webhook is now installed! :tada:\n\n\u003e Refer to the chart's [documentation](https://github.com/scaleway/helm-charts/blob/master/charts/scaleway-certmanager-webhook/README.md) for more configuration options.\n\n\u003e Alternatively, you may use the provided bundle for a basic install in the cert-manager namespace:\n\u003e `kubectl apply -f https://raw.githubusercontent.com/scaleway/cert-manager-webhook-scaleway/main/deploy/bundle.yaml`\n\n### How to use it\n\n**Note**: It uses the [cert-manager webhook system](https://cert-manager.io/docs/configuration/acme/dns01/webhook/). Everything after the issuer is configured is just cert-manager. You can find out more in [their documentation](https://cert-manager.io/docs/usage/).\n\nNow that the webhook is installed, here is how to use it.\nLet's say you need a certificate for `example.com` (should be registered in Scaleway DNS).\n\nFirst step is to create a secret containing the Scaleway Access and Secret keys. Create the `scaleway-secret.yaml` file with the following content:\n(Only needed if you don't have default credentials as seen above).\n```yaml\napiVersion: v1\nstringData:\n SCW_ACCESS_KEY: \u003cYOUR-SCALEWAY-ACCESS-KEY\u003e\n SCW_SECRET_KEY: \u003cYOUR-SCALEWAY-SECRET-KEY\u003e\nkind: Secret\nmetadata:\n name: scaleway-secret\ntype: Opaque\n```\n\nAnd run:\n```bash\nkubectl create -f scaleway-secret.yaml\n```\n\nNext step is to create a cert-manager `Issuer`. Create a `issuer.yaml` file with the following content:\n```yaml\napiVersion: cert-manager.io/v1\nkind: Issuer\nmetadata:\n name: my-scaleway-issuer\nspec:\n acme:\n email: my-user@example.com\n # this is the acme staging URL\n server: https://acme-staging-v02.api.letsencrypt.org/directory\n # for production use this URL instead\n # server: https://acme-v02.api.letsencrypt.org/directory\n privateKeySecretRef:\n name: my-scaleway-private-key-secret\n solvers:\n - dns01:\n webhook:\n groupName: acme.scaleway.com\n solverName: scaleway\n config:\n # Only needed if you don't have default credentials as seen above.\n accessKeySecretRef:\n key: SCW_ACCESS_KEY\n name: scaleway-secret\n secretKeySecretRef:\n key: SCW_SECRET_KEY\n name: scaleway-secret\n```\n\nAnd run:\n```bash\nkubectl create -f issuer.yaml\n```\n\nFinally, you can now create the `Certificate` object for `example.com`. Create a `certificate.yaml` file with the following content:\n```yaml\napiVersion: cert-manager.io/v1\nkind: Certificate\nmetadata:\n name: example-com\nspec:\n dnsNames:\n - example.com\n issuerRef:\n name: my-scaleway-issuer\n secretName: example-com-tls\n```\n\nAnd run:\n```bash\nkubectl create -f certificate.yaml\n```\n\nAfter some seconds, you should see the certificate as ready:\n```bash\n$ kubectl get certificate example-com\nNAME READY SECRET AGE\nexample-com True example-com-tls 1m12s\n```\n\nYour certificate is now available in the `example-com-tls` secret!\n\n## Integration testing\n\nBefore running the test, you need:\n- A valid domain on Scaleway DNS (here `example.com`)\n- The variables `SCW_ACCESS_KEY` and `SCW_SECRET_KEY` valid and in the environment\n\nIn order to run the integration tests, run:\n```bash\nTEST_ZONE_NAME=example.com make test\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fscaleway%2Fcert-manager-webhook-scaleway","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fscaleway%2Fcert-manager-webhook-scaleway","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fscaleway%2Fcert-manager-webhook-scaleway/lists"}