This images generates TLS certificates required for Eclipse Che deployment and creates corresponding secrets in Eclipse Che dedicated namespace. It is used as Kubernetes job image and should be run before Eclipse Che deploying process is started. The job is usually started from Che operator reconcile loop.
All parameters to this image is passed as environment variables.
Required parameters:
DOMAINshould be set with the list of cluster public domains with or without wildcard.
Optional parameters:
CHE_NAMESPACEis the namespace name into which Eclipse Che should be deployed. If now specified, default valuecheis used.CHE_SERVER_TLS_SECRET_NAMEis the name of TLS secret into which generated TLS certificate should be saved. The namespace is defined byCHE_NAMESPACEenvironment variable. Default value ische-tls.CHE_CA_CERTIFICATE_SECRET_NAMEis the name of the secret in which Che CA certificate should be saved. This certificate should be shared with all users and each user should add it into OS or browser trust store. The namespace is defined byCHE_NAMESPACEenvironment variable. Default value isself-signed-certificate.LABELSis a space separated list of labels to add to the generated secret. Could be empty.
Image repository is quay.io/eclipse/che-tls-secret-creator and could be found here.