-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathsecrets.tf
71 lines (67 loc) · 2.23 KB
/
secrets.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
resource "kubernetes_secret" "linkerd_proxy_injector_tls" {
metadata {
name = "linkerd-proxy-injector-tls"
namespace = local.linkerd_namespace
labels = {
"linkerd.io/control-plane-component" = local.linkerd_component_proxy_injector_name,
"linkerd.io/control-plane-ns" = "linkerd"
}
annotations = local.linkerd_annotation_created_by
}
type = "Opaque"
data = {
"crt.pem" = file("${path.module}/certs/proxy_injector_crt.pem"),
"key.pem" = file("${path.module}/certs/proxy_injector_key.pem")
}
}
resource "kubernetes_secret" "linkerd_sp_validator_tls" {
metadata {
name = "linkerd-sp-validator-tls"
namespace = local.linkerd_namespace
labels = {
"linkerd.io/control-plane-component" = local.linkerd_component_sp_validator_name,
"linkerd.io/control-plane-ns" = "linkerd"
}
annotations = local.linkerd_annotation_created_by
}
type = "Opaque"
data = {
"crt.pem" = file("${path.module}/certs/sp_validator_crt.pem"),
"key.pem" = file("${path.module}/certs/sp_validator_key.pem")
}
}
resource "kubernetes_secret" "linkerd_tap_tls" {
metadata {
name = "linkerd-tap-tls"
namespace = local.linkerd_namespace
labels = {
"linkerd.io/control-plane-component" = local.linkerd_component_tap_name,
"linkerd.io/control-plane-ns" = "linkerd"
}
annotations = local.linkerd_annotation_created_by
}
type = "Opaque"
data = {
"crt.pem" = file("${path.module}/certs/tap_crt.pem"),
"key.pem" = file("${path.module}/certs/tap_key.pem")
}
}
resource "kubernetes_secret" "linkerd_identity_issuer" {
count = var.external_identity_issuer ? 0 : 1
metadata {
name = "linkerd-identity-issuer"
namespace = local.linkerd_namespace
labels = {
"linkerd.io/control-plane-component" = local.linkerd_component_identity_name,
"linkerd.io/control-plane-ns" = "linkerd"
}
annotations = {
"linkerd.io/created-by" = "linkerd/helm stable-2.8.1",
"linkerd.io/identity-issuer-expiry" = "2021-06-30T08:06:46Z"
}
}
data = {
"crt.pem" = file("${path.module}/certs/identity_issuer_crt.pem"),
"key.pem" = file("${path.module}/certs/identity_issuer_key.pem")
}
}