https://github.com/touchifyapp/cert-manager-webhook-scaleway

ACME webhook for Scaleway DNS
https://github.com/touchifyapp/cert-manager-webhook-scaleway

acme cert-manager cert-manager-webhook letsencrypt scaleway scaleway-dns

Last synced: 3 months ago
JSON representation

ACME webhook for Scaleway DNS

• Host: GitHub
• URL: https://github.com/touchifyapp/cert-manager-webhook-scaleway
• Owner: touchifyapp
• License: apache-2.0
• Created: 2020-09-26T17:08:54.000Z (over 4 years ago)
• Default Branch: master
• Last Pushed: 2020-09-26T20:16:39.000Z (over 4 years ago)
• Last Synced: 2025-01-22T23:42:18.668Z (5 months ago)
• Topics: acme, cert-manager, cert-manager-webhook, letsencrypt, scaleway, scaleway-dns
• Language: Go
• Homepage:
• Size: 85 KB
• Stars: 2
• Watchers: 3
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# ACME webhook for Scaleway DNS

This webhook allows Scaleway users to use the DNS01 challenge solving when using `cert-manager` in kubernetes.

## Installation

To install with helm, run:

```bash

$ git clone https://github.com/touchifyapp/cert-manager-webhook-scaleway.git

$ cd cert-manager-webhook-scaleway/deploy/cert-manager-webhook-scaleway

$ helm install --name cert-manager-webhook-scaleway .

```

Without helm, use:

```bash

$ make rendered-manifest.yaml

$ kubectl apply -f _out/rendered-manifest.yaml

```

## Configuration

### Generate your secret key

Login to your Scaleway account and create a token from the `credentials` page. A `secret_key` and an `access_key` will be displayed on your screen, the `secret_key` will be used in your `kubernetes` secret.

Reference: https://www.scaleway.com/docs/generate-an-api-token/

### Create a kubernetes secret

```yaml

apiVersion: v1

kind: Secret

metadata:

  name: scaleway-secret-key

type: Opaque

stringData:

  token: SECRET_KEY_FROM_SCALEWAY

```

### Create a new Issuer/ClusterIssuer

```yaml

apiVersion: cert-manager.io/v1

kind: Issuer

metadata:

  name: letsencrypt-scaleway

  namespace: default

spec:

  acme:

    server: https://acme-staging-v02.api.letsencrypt.org/directory

    email: [email protected]

    privateKeySecretRef:

      name: letsencrypt-scaleway-account-key

    solvers:

    - dns01:

        webhook:

          groupName: acme.company.com

          solverName: scaleway

          config:

            organizationId: 12345678-1234-1234-1234-123456789012

            secretKeySecretRef:

              name: scaleway-secret-key

              key: token

```

### Testing your issuer

```yaml

apiVersion: cert-manager.io/v1alpha2

kind: Certificate

metadata:

  name: test-letsencrypt-crt

  namespace: default

spec:

  secretName: company-com-tls

  commonName: company.com

  issuerRef:

    name: letsencrypt-scaleway

    kind: Issuer

  dnsNames:

  - company.com

  - www.company.com

```

## Contributing

### Running the test suite

First, you need to provide your own secret key:

1. Generate your secret key as explained below ([more info](#generate-your-secret-key))

2. Fill in the appropriate values in `testdata/scaleway-solver/secretkey.yml` and `testdata/scaleway-solver/config.json`

Then, you can run the test suite with:

```bash

$ TEST_ZONE_NAME=example.com. make verify

```