https://github.com/bakito/java-truststore-injection-webhook

💉 k8s webhook that allows converts pem certificates from a configmap into a java truststore and injects it to the same confimap
https://github.com/bakito/java-truststore-injection-webhook

cacert java k8s kubernetes openshift pem truststore

Last synced: 6 months ago
JSON representation

💉 k8s webhook that allows converts pem certificates from a configmap into a java truststore and injects it to the same confimap

• Host: GitHub
• URL: https://github.com/bakito/java-truststore-injection-webhook
• Owner: bakito
• License: apache-2.0
• Created: 2021-10-28T20:19:31.000Z (almost 4 years ago)
• Default Branch: main
• Last Pushed: 2024-04-29T05:05:11.000Z (over 1 year ago)
• Last Synced: 2024-05-01T12:37:22.614Z (over 1 year ago)
• Topics: cacert, java, k8s, kubernetes, openshift, pem, truststore
• Language: Go
• Homepage:
• Size: 502 KB
• Stars: 8
• Watchers: 3
• Forks: 2
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
[![Go Report Card](https://goreportcard.com/badge/github.com/bakito/java-truststore-injection-webhook)](https://goreportcard.com/report/github.com/bakito/java-truststore-injection-webhook)

[![Github Build](https://github.com/bakito/java-truststore-injection-webhook/actions/workflows/build.yml/badge.svg)](https://github.com/bakito/java-truststore-injection-webhook/actions/workflows/build.yml)

[![GitHub Release](https://img.shields.io/github/release/bakito/java-truststore-injection-webhook.svg?style=flat)](https://github.com/bakito/java-truststore-injection-webhook/releases)

# Java Truststore Injection Webhook

This webhook injects a java truststore into a k8s ConfigMap containing pem certificates. If a ConfigMap is labelled to

be injected with a java truststore, the webhook checks all existing data entries for pem certificates and adds all found

fount to a java truststore file that is added as binary data.

## Usage

Label a configmap where a java truststore should be injected.

```yaml

kind: ConfigMap

apiVersion: v1

metadata:

  labels:

    jti.bakito.ch/inject-truststore: 'true'

```

## truststore file name

The default truststore file name is '__cacerts__'

A different ConfigMap file name can be defined by adding the following __label__.

```yaml

kind: ConfigMap

apiVersion: v1

metadata:

  labels:

    jti.bakito.ch/truststore-name: 'custom-truststore-name'

```

## truststore password

The default truststore password is '__changeit__'

A different ConfigMap file name can be defined by adding the following __annotation__.

```yaml

kind: ConfigMap

apiVersion: v1

metadata:

  annotations:

    jti.bakito.ch/truststore-password": 'custom-password'

```

## Installation

**java-truststore-injection-webhook** can be installed via our Helm chart:

```sh

helm repo add bakito https://bakito.github.io/helm-charts

helm repo update

helm upgrade --install java-truststore-injection-webhook bakito/java-truststore-injection-webhook

```