README
¶
dapr-cert-manager
dapr-cert-manager is a simple controller to allow dapr installations to use Certificates originating from cert-manager. This controller watches 3 distinct cert-manager Certificate objects, one for each dapr PKI component:
- dapr-trust-bundle
- dapr-sidecar-injector
- dapr-webhook
As and when the corresponding cert-manager Certificate object becomes ready or renews, dapr-cert-manager will update the respective Secret(s) object with the latest certificate and key.
Root CA certificates are always appended to, and never replaced.
dapr-cert-manager can also optionally replace the root CA certificates in the target Secret with a custom CA certificate from file.
Installation
Ensure cert-manager is installed, and the corresponding Certificates have been created.
Please see the example manifest for an example of how your cert-manager Certificates could be arranged.
The helm values file shows all available configuration options.
helm upgrade -i dapr-cert-manager ./deploy/charts/dapr-cert-manager \
--namespace dapr-cert-manager \
--create-namespace \
--set app.trustBundleCertificateName=dapr-trust-bundle \
--set app.sidecarInjectorCertificateName=dapr-sidecar-injector \
--set app.webhookCertificateName=dapr-webhook \
--wait
Directories