19 lines
597 B
Plaintext
19 lines
597 B
Plaintext
|
#!/bin/bash
|
||
|
|
{%- for prxy in k8s_deploy.prxyGatewayServers %}
|
||
|
|
{%- if prxy.tls and prxy.tls.credentialName and k8s_deploy.prxy == "istio" %}
|
||
|
|
SECRET_NAME={{prxy.tls.credentialName}}
|
||
|
|
SSL_PATH=${1:-{{k8s_deploy.tls_path}}}
|
||
|
|
[ ! -r "$SSL_PATH" ] && echo "SSL_PATH $SSLPATH not directory" && exit 1
|
||
|
|
|
||
|
|
NAMESPACE=istio-system
|
||
|
|
|
||
|
|
echo "create $NAMESPACE secret $SECRET_NAME for tls ... "
|
||
|
|
kubectl delete -n $NAMESPACE secret $SECRET_NAME 2>/dev/null
|
||
|
|
kubectl create -n $NAMESPACE secret tls $SECRET_NAME \
|
||
|
|
--key=$SSL_PATH/privkey.pem \
|
||
|
|
--cert=$SSL_PATH/fullchain.pem
|
||
|
|
{% break %}
|
||
|
|
{%- endif %}
|
||
|
|
{%- endfor %}
|
||
|
|
|