Java Truststore Injection Webhook

This webhook injects a java truststore into a k8s ConfigMap containing pem certificates. If a ConfigMap is labelled to be injected with a java truststore, the webhook checks all existing data entries for pem certificates and adds all found fount to a java truststore file that is added as binary data.

Usage

Label a configmap where a java truststore should be injected.

kind: ConfigMap
apiVersion: v1
metadata:
  labels:
    jti.bakito.ch/inject-truststore: 'true'

truststore file name

The default truststore file name is 'cacerts'

A different ConfigMap file name can be defined by adding the following label.

kind: ConfigMap
apiVersion: v1
metadata:
  labels:
    jti.bakito.ch/truststore-name: 'custom-truststore-name'

truststore password

The default truststore password is 'changeit'

A different ConfigMap file name can be defined by adding the following annotation.

kind: ConfigMap
apiVersion: v1
metadata:
  annotations:
    jti.bakito.ch/truststore-password": 'custom-password'

Installation

java-truststore-injection-webhook can be installed via our Helm chart:

helm repo add bakito https://bakito.github.io/helm-charts
helm repo update

helm upgrade --install java-truststore-injection-webhook bakito/java-truststore-injection-webhook

Name		Name	Last commit message	Last commit date
Latest commit History 304 Commits
.github		.github
chart		chart
pkg/configmap		pkg/configmap
testdata/e2e		testdata/e2e
.dockerignore		.dockerignore
.gitignore		.gitignore
.golangci.yaml		.golangci.yaml
.goreleaser.yml		.goreleaser.yml
Dockerfile		Dockerfile
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md
go.mod		go.mod
go.sum		go.sum
main.go		main.go

License

bakito/java-truststore-injection-webhook

Folders and files

Latest commit

History

Repository files navigation

Java Truststore Injection Webhook

Usage

truststore file name

truststore password

Installation

About

Topics

Resources

License

Stars

Watchers

Forks

Languages