Add Kubernetes as an Issuer #106
Assignees
Labels
Comments
|
This sounds fantastic! I'd be happy to review a PR that implements this. |
|
Would this simply mean reading a key and certificate from some kubernetes secret with some specified name? |
I was initially just planning to use tls certifies but I realized there is a way to create csr to kubernetes api. I am planning to follow this to create certificates: https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster/ |
|
That looks perfect! Let me know if you need anymore help. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
When running in Kubernetes, services should be able to get certificates without an external service.
Describe the solution you'd like
When a "certificate get or create" called, with kubernetes client, tls secret will be queried or created if not exists.
The API and client is here:
https://github.com/kubernetes/client-go/blob/acc621f88da0907c3eee966001ea99bd59b0f92c/kubernetes/typed/core/v1/secret.go
Describe alternatives you've considered
Mesh networks (eg. Istio) allow mutual tls for services but it is too much hassle to do just mutual tls.
I would like to implement this, so I would like to create a pull request if you find it useful.
The text was updated successfully, but these errors were encountered: