kubernetes-cert-manager logo
Kubernetes Cert Manager v0.0.5, Nov 23 22

kubernetes-cert-manager.CertManager

Automates the management and issuance of TLS certificates from various issuing sources within Kubernetes

Create CertManager Resource

new CertManager(name: string, args?: CertManagerArgs, opts?: CustomResourceOptions);
@overload
def CertManager(resource_name: str,
                opts: Optional[ResourceOptions] = None,
                affinity: Optional[pulumi_kubernetes.core.v1.AffinityArgs] = None,
                cainjector: Optional[CertManagerCaInjectorArgs] = None,
                cluster_resource_namespace: Optional[str] = None,
                container_security_context: Optional[pulumi_kubernetes.core.v1.SecurityContextArgs] = None,
                deployment_annotations: Optional[Mapping[str, str]] = None,
                extra_args: Optional[Sequence[str]] = None,
                extra_env: Optional[Sequence[pulumi_kubernetes.core.v1.EnvVarArgs]] = None,
                extra_volume_mounts: Optional[Sequence[pulumi_kubernetes.core.v1.VolumeMountArgs]] = None,
                extra_volumes: Optional[Sequence[pulumi_kubernetes.core.v1.VolumeArgs]] = None,
                feature_gates: Optional[str] = None,
                global_: Optional[CertManagerGlobalArgs] = None,
                helm_options: Optional[ReleaseArgs] = None,
                http_proxy: Optional[str] = None,
                https_proxy: Optional[str] = None,
                image: Optional[CertManagerImageArgs] = None,
                ingress_shim: Optional[CertManagerIngressShimArgs] = None,
                install_crds: Optional[bool] = None,
                no_proxy: Optional[Sequence[str]] = None,
                node_selector: Optional[pulumi_kubernetes.core.v1.NodeSelectorArgs] = None,
                pod_annotations: Optional[Mapping[str, str]] = None,
                pod_dns_config: Optional[pulumi_kubernetes.core.v1.PodDNSConfigArgs] = None,
                pod_dns_policy: Optional[str] = None,
                pod_labels: Optional[Mapping[str, str]] = None,
                prometheus: Optional[CertManagerPrometheusArgs] = None,
                replica_count: Optional[int] = None,
                resources: Optional[pulumi_kubernetes.core.v1.ResourceRequirementsArgs] = None,
                security_context: Optional[pulumi_kubernetes.core.v1.PodSecurityContextArgs] = None,
                service_account: Optional[CertManagerServiceAccountArgs] = None,
                service_annotations: Optional[Mapping[str, str]] = None,
                service_labels: Optional[Mapping[str, str]] = None,
                startupapicheck: Optional[CertManagerStartupAPICheckArgs] = None,
                strategy: Optional[pulumi_kubernetes.apps.v1.DeploymentStrategyArgs] = None,
                tolerations: Optional[Sequence[pulumi_kubernetes.core.v1.TolerationArgs]] = None,
                webhook: Optional[CertManagerWebhookArgs] = None)
@overload
def CertManager(resource_name: str,
                args: Optional[CertManagerArgs] = None,
                opts: Optional[ResourceOptions] = None)
func NewCertManager(ctx *Context, name string, args *CertManagerArgs, opts ...ResourceOption) (*CertManager, error)
public CertManager(string name, CertManagerArgs? args = null, CustomResourceOptions? opts = null)
public CertManager(String name, CertManagerArgs args)
public CertManager(String name, CertManagerArgs args, CustomResourceOptions options)
type: kubernetes-cert-manager:CertManager
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args CertManagerArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args CertManagerArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args CertManagerArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args CertManagerArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args CertManagerArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

CertManager Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The CertManager resource accepts the following input properties:

Affinity Pulumi.Kubernetes.Types.Inputs.Core.V1.AffinityArgs
Cainjector Pulumi.KubernetesCertManager.Inputs.CertManagerCaInjectorArgs
ClusterResourceNamespace string

Override the namespace used to store DNS provider credentials etc. for ClusterIssuer resources. By default, the same namespace as cert-manager is deployed within is used. This namespace will not be automatically created by the Helm chart.

ContainerSecurityContext Pulumi.Kubernetes.Types.Inputs.Core.V1.SecurityContextArgs

Container Security Context to be set on the controller component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

DeploymentAnnotations Dictionary<string, string>

Optional additional annotations to add to the controller Deployment

ExtraArgs List<string>

Optional additional arguments.

ExtraEnv List<Pulumi.Kubernetes.Types.Inputs.Core.V1.EnvVarArgs>
ExtraVolumeMounts List<Pulumi.Kubernetes.Types.Inputs.Core.V1.VolumeMountArgs>
ExtraVolumes List<Pulumi.Kubernetes.Types.Inputs.Core.V1.VolumeArgs>
FeatureGates string

Comma separated list of feature gates that should be enabled on the controller pod.

Global Pulumi.KubernetesCertManager.Inputs.CertManagerGlobalArgs
HelmOptions Pulumi.KubernetesCertManager.Inputs.ReleaseArgs

HelmOptions is an escape hatch that lets the end user control any aspect of the Helm deployment. This exposes the entirety of the underlying Helm Release component args.

Http_proxy string
Https_proxy string
Image Pulumi.KubernetesCertManager.Inputs.CertManagerImageArgs
IngressShim Pulumi.KubernetesCertManager.Inputs.CertManagerIngressShimArgs
InstallCRDs bool
No_proxy List<string>
NodeSelector Pulumi.Kubernetes.Types.Inputs.Core.V1.NodeSelectorArgs
PodAnnotations Dictionary<string, string>

Optional additional annotations to add to the controller Pods

PodDnsConfig Pulumi.Kubernetes.Types.Inputs.Core.V1.PodDNSConfigArgs
PodDnsPolicy string

Optional DNS settings, useful if you have a public and private DNS zone for the same domain on Route 53. What follows is an example of ensuring cert-manager can access an ingress or DNS TXT records at all times. NOTE: This requires Kubernetes 1.10 or CustomPodDNS feature gate enabled for the cluster to work.

PodLabels Dictionary<string, string>
Prometheus Pulumi.KubernetesCertManager.Inputs.CertManagerPrometheusArgs
ReplicaCount int
Resources Pulumi.Kubernetes.Types.Inputs.Core.V1.ResourceRequirementsArgs
SecurityContext Pulumi.Kubernetes.Types.Inputs.Core.V1.PodSecurityContextArgs

Pod Security Context. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

ServiceAccount Pulumi.KubernetesCertManager.Inputs.CertManagerServiceAccountArgs
ServiceAnnotations Dictionary<string, string>

Optional additional annotations to add to the controller service

ServiceLabels Dictionary<string, string>

Optional additional labels to add to the controller Service

Startupapicheck Pulumi.KubernetesCertManager.Inputs.CertManagerStartupAPICheckArgs
Strategy Pulumi.Kubernetes.Types.Inputs.Apps.V1.DeploymentStrategyArgs
Tolerations List<Pulumi.Kubernetes.Types.Inputs.Core.V1.TolerationArgs>
Webhook Pulumi.KubernetesCertManager.Inputs.CertManagerWebhookArgs
Affinity AffinityArgs
Cainjector CertManagerCaInjectorArgs
ClusterResourceNamespace string

Override the namespace used to store DNS provider credentials etc. for ClusterIssuer resources. By default, the same namespace as cert-manager is deployed within is used. This namespace will not be automatically created by the Helm chart.

ContainerSecurityContext SecurityContextArgs

Container Security Context to be set on the controller component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

DeploymentAnnotations map[string]string

Optional additional annotations to add to the controller Deployment

ExtraArgs []string

Optional additional arguments.

ExtraEnv EnvVarArgs
ExtraVolumeMounts VolumeMountArgs
ExtraVolumes VolumeArgs
FeatureGates string

Comma separated list of feature gates that should be enabled on the controller pod.

Global CertManagerGlobalArgs
HelmOptions ReleaseArgs

HelmOptions is an escape hatch that lets the end user control any aspect of the Helm deployment. This exposes the entirety of the underlying Helm Release component args.

Http_proxy string
Https_proxy string
Image CertManagerImageArgs
IngressShim CertManagerIngressShimArgs
InstallCRDs bool
No_proxy []string
NodeSelector NodeSelectorArgs
PodAnnotations map[string]string

Optional additional annotations to add to the controller Pods

PodDnsConfig PodDNSConfigArgs
PodDnsPolicy string

Optional DNS settings, useful if you have a public and private DNS zone for the same domain on Route 53. What follows is an example of ensuring cert-manager can access an ingress or DNS TXT records at all times. NOTE: This requires Kubernetes 1.10 or CustomPodDNS feature gate enabled for the cluster to work.

PodLabels map[string]string
Prometheus CertManagerPrometheusArgs
ReplicaCount int
Resources ResourceRequirementsArgs
SecurityContext PodSecurityContextArgs

Pod Security Context. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

ServiceAccount CertManagerServiceAccountArgs
ServiceAnnotations map[string]string

Optional additional annotations to add to the controller service

ServiceLabels map[string]string

Optional additional labels to add to the controller Service

Startupapicheck CertManagerStartupAPICheckArgs
Strategy DeploymentStrategyArgs
Tolerations TolerationArgs
Webhook CertManagerWebhookArgs
affinity AffinityArgs
cainjector CertManagerCaInjectorArgs
clusterResourceNamespace String

Override the namespace used to store DNS provider credentials etc. for ClusterIssuer resources. By default, the same namespace as cert-manager is deployed within is used. This namespace will not be automatically created by the Helm chart.

containerSecurityContext SecurityContextArgs

Container Security Context to be set on the controller component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

deploymentAnnotations Map<String,String>

Optional additional annotations to add to the controller Deployment

extraArgs List<String>

Optional additional arguments.

extraEnv List<EnvVarArgs>
extraVolumeMounts List<VolumeMountArgs>
extraVolumes List<VolumeArgs>
featureGates String

Comma separated list of feature gates that should be enabled on the controller pod.

global CertManagerGlobalArgs
helmOptions ReleaseArgs

HelmOptions is an escape hatch that lets the end user control any aspect of the Helm deployment. This exposes the entirety of the underlying Helm Release component args.

http_proxy String
https_proxy String
image CertManagerImageArgs
ingressShim CertManagerIngressShimArgs
installCRDs Boolean
no_proxy List<String>
nodeSelector NodeSelectorArgs
podAnnotations Map<String,String>

Optional additional annotations to add to the controller Pods

podDnsConfig PodDNSConfigArgs
podDnsPolicy String

Optional DNS settings, useful if you have a public and private DNS zone for the same domain on Route 53. What follows is an example of ensuring cert-manager can access an ingress or DNS TXT records at all times. NOTE: This requires Kubernetes 1.10 or CustomPodDNS feature gate enabled for the cluster to work.

podLabels Map<String,String>
prometheus CertManagerPrometheusArgs
replicaCount Integer
resources ResourceRequirementsArgs
securityContext PodSecurityContextArgs

Pod Security Context. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

serviceAccount CertManagerServiceAccountArgs
serviceAnnotations Map<String,String>

Optional additional annotations to add to the controller service

serviceLabels Map<String,String>

Optional additional labels to add to the controller Service

startupapicheck CertManagerStartupAPICheckArgs
strategy DeploymentStrategyArgs
tolerations List<TolerationArgs>
webhook CertManagerWebhookArgs
affinity pulumiKubernetestypesinputcorev1Affinity
cainjector CertManagerCaInjectorArgs
clusterResourceNamespace string

Override the namespace used to store DNS provider credentials etc. for ClusterIssuer resources. By default, the same namespace as cert-manager is deployed within is used. This namespace will not be automatically created by the Helm chart.

containerSecurityContext pulumiKubernetestypesinputcorev1SecurityContext

Container Security Context to be set on the controller component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

deploymentAnnotations {[key: string]: string}

Optional additional annotations to add to the controller Deployment

extraArgs string[]

Optional additional arguments.

extraEnv pulumiKubernetestypesinputcorev1EnvVar[]
extraVolumeMounts pulumiKubernetestypesinputcorev1VolumeMount[]
extraVolumes pulumiKubernetestypesinputcorev1Volume[]
featureGates string

Comma separated list of feature gates that should be enabled on the controller pod.

global CertManagerGlobalArgs
helmOptions ReleaseArgs

HelmOptions is an escape hatch that lets the end user control any aspect of the Helm deployment. This exposes the entirety of the underlying Helm Release component args.

http_proxy string
https_proxy string
image CertManagerImageArgs
ingressShim CertManagerIngressShimArgs
installCRDs boolean
no_proxy string[]
nodeSelector pulumiKubernetestypesinputcorev1NodeSelector
podAnnotations {[key: string]: string}

Optional additional annotations to add to the controller Pods

podDnsConfig pulumiKubernetestypesinputcorev1PodDNSConfig
podDnsPolicy string

Optional DNS settings, useful if you have a public and private DNS zone for the same domain on Route 53. What follows is an example of ensuring cert-manager can access an ingress or DNS TXT records at all times. NOTE: This requires Kubernetes 1.10 or CustomPodDNS feature gate enabled for the cluster to work.

podLabels {[key: string]: string}
prometheus CertManagerPrometheusArgs
replicaCount number
resources pulumiKubernetestypesinputcorev1ResourceRequirements
securityContext pulumiKubernetestypesinputcorev1PodSecurityContext

Pod Security Context. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

serviceAccount CertManagerServiceAccountArgs
serviceAnnotations {[key: string]: string}

Optional additional annotations to add to the controller service

serviceLabels {[key: string]: string}

Optional additional labels to add to the controller Service

startupapicheck CertManagerStartupAPICheckArgs
strategy pulumiKubernetestypesinputappsv1DeploymentStrategy
tolerations pulumiKubernetestypesinputcorev1Toleration[]
webhook CertManagerWebhookArgs
affinity AffinityArgs
cainjector CertManagerCaInjectorArgs
cluster_resource_namespace str

Override the namespace used to store DNS provider credentials etc. for ClusterIssuer resources. By default, the same namespace as cert-manager is deployed within is used. This namespace will not be automatically created by the Helm chart.

container_security_context SecurityContextArgs

Container Security Context to be set on the controller component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

deployment_annotations Mapping[str, str]

Optional additional annotations to add to the controller Deployment

extra_args Sequence[str]

Optional additional arguments.

extra_env EnvVarArgs]
extra_volume_mounts VolumeMountArgs]
extra_volumes VolumeArgs]
feature_gates str

Comma separated list of feature gates that should be enabled on the controller pod.

global_ CertManagerGlobalArgs
helm_options ReleaseArgs

HelmOptions is an escape hatch that lets the end user control any aspect of the Helm deployment. This exposes the entirety of the underlying Helm Release component args.

http_proxy str
https_proxy str
image CertManagerImageArgs
ingress_shim CertManagerIngressShimArgs
install_crds bool
no_proxy Sequence[str]
node_selector NodeSelectorArgs
pod_annotations Mapping[str, str]

Optional additional annotations to add to the controller Pods

pod_dns_config PodDNSConfigArgs
pod_dns_policy str

Optional DNS settings, useful if you have a public and private DNS zone for the same domain on Route 53. What follows is an example of ensuring cert-manager can access an ingress or DNS TXT records at all times. NOTE: This requires Kubernetes 1.10 or CustomPodDNS feature gate enabled for the cluster to work.

pod_labels Mapping[str, str]
prometheus CertManagerPrometheusArgs
replica_count int
resources ResourceRequirementsArgs
security_context PodSecurityContextArgs

Pod Security Context. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

service_account CertManagerServiceAccountArgs
service_annotations Mapping[str, str]

Optional additional annotations to add to the controller service

service_labels Mapping[str, str]

Optional additional labels to add to the controller Service

startupapicheck CertManagerStartupAPICheckArgs
strategy DeploymentStrategyArgs
tolerations TolerationArgs]
webhook CertManagerWebhookArgs
affinity Property Map
cainjector Property Map
clusterResourceNamespace String

Override the namespace used to store DNS provider credentials etc. for ClusterIssuer resources. By default, the same namespace as cert-manager is deployed within is used. This namespace will not be automatically created by the Helm chart.

containerSecurityContext Property Map

Container Security Context to be set on the controller component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

deploymentAnnotations Map<String>

Optional additional annotations to add to the controller Deployment

extraArgs List<String>

Optional additional arguments.

extraEnv List<Property Map>
extraVolumeMounts List<Property Map>
extraVolumes List<Property Map>
featureGates String

Comma separated list of feature gates that should be enabled on the controller pod.

global Property Map
helmOptions Property Map

HelmOptions is an escape hatch that lets the end user control any aspect of the Helm deployment. This exposes the entirety of the underlying Helm Release component args.

http_proxy String
https_proxy String
image Property Map
ingressShim Property Map
installCRDs Boolean
no_proxy List<String>
nodeSelector Property Map
podAnnotations Map<String>

Optional additional annotations to add to the controller Pods

podDnsConfig Property Map
podDnsPolicy String

Optional DNS settings, useful if you have a public and private DNS zone for the same domain on Route 53. What follows is an example of ensuring cert-manager can access an ingress or DNS TXT records at all times. NOTE: This requires Kubernetes 1.10 or CustomPodDNS feature gate enabled for the cluster to work.

podLabels Map<String>
prometheus Property Map
replicaCount Number
resources Property Map
securityContext Property Map

Pod Security Context. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

serviceAccount Property Map
serviceAnnotations Map<String>

Optional additional annotations to add to the controller service

serviceLabels Map<String>

Optional additional labels to add to the controller Service

startupapicheck Property Map
strategy Property Map
tolerations List<Property Map>
webhook Property Map

Outputs

All input properties are implicitly available as output properties. Additionally, the CertManager resource produces the following output properties:

Status Pulumi.KubernetesCertManager.Outputs.ReleaseStatus

Detailed information about the status of the underlying Helm deployment.

Status ReleaseStatus

Detailed information about the status of the underlying Helm deployment.

status ReleaseStatus

Detailed information about the status of the underlying Helm deployment.

status ReleaseStatus

Detailed information about the status of the underlying Helm deployment.

status ReleaseStatus

Detailed information about the status of the underlying Helm deployment.

status Property Map

Detailed information about the status of the underlying Helm deployment.

Supporting Types

CertManagerCaInjector

Affinity Pulumi.Kubernetes.Types.Inputs.Core.V1.Affinity
ContainerSecurityContext Pulumi.Kubernetes.Types.Inputs.Core.V1.SecurityContext

Container Security Context to be set on the cainjector component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

DeploymentAnnotations Dictionary<string, string>

Optional additional annotations to add to the cainjector Deployment

ExtraArgs List<string>

Optional additional arguments for cainjector

Image Pulumi.KubernetesCertManager.Inputs.CertManagerImage
NodeSelector Dictionary<string, string>
PodAnnotations Dictionary<string, string>

Optional additional annotations to add to the cainjector Pods

PodLabels Dictionary<string, string>

Optional additional labels to add to the Webhook Pods

PodSecurityContext Pulumi.Kubernetes.Types.Inputs.Core.V1.PodSecurityContext

Pod Security Context to be set on the cainjector component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

ReplicaCount int
Resources Pulumi.Kubernetes.Types.Inputs.Core.V1.ResourceRequirements
ServiceAccount Pulumi.KubernetesCertManager.Inputs.CertManagerServiceAccount
Strategy Pulumi.Kubernetes.Types.Inputs.Apps.V1.DeploymentStrategy
TimeoutSeconds int
Tolerations List<Pulumi.Kubernetes.Types.Inputs.Core.V1.Toleration>
Affinity Affinity
ContainerSecurityContext SecurityContext

Container Security Context to be set on the cainjector component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

DeploymentAnnotations map[string]string

Optional additional annotations to add to the cainjector Deployment

ExtraArgs []string

Optional additional arguments for cainjector

Image CertManagerImage
NodeSelector map[string]string
PodAnnotations map[string]string

Optional additional annotations to add to the cainjector Pods

PodLabels map[string]string

Optional additional labels to add to the Webhook Pods

PodSecurityContext PodSecurityContext

Pod Security Context to be set on the cainjector component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

ReplicaCount int
Resources ResourceRequirements
ServiceAccount CertManagerServiceAccount
Strategy DeploymentStrategy
TimeoutSeconds int
Tolerations Toleration
affinity Affinity
containerSecurityContext SecurityContext

Container Security Context to be set on the cainjector component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

deploymentAnnotations Map<String,String>

Optional additional annotations to add to the cainjector Deployment

extraArgs List<String>

Optional additional arguments for cainjector

image CertManagerImage
nodeSelector Map<String,String>
podAnnotations Map<String,String>

Optional additional annotations to add to the cainjector Pods

podLabels Map<String,String>

Optional additional labels to add to the Webhook Pods

podSecurityContext PodSecurityContext

Pod Security Context to be set on the cainjector component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

replicaCount Integer
resources ResourceRequirements
serviceAccount CertManagerServiceAccount
strategy DeploymentStrategy
timeoutSeconds Integer
tolerations List<Toleration>
affinity pulumiKubernetestypesinputcorev1Affinity
containerSecurityContext pulumiKubernetestypesinputcorev1SecurityContext

Container Security Context to be set on the cainjector component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

deploymentAnnotations {[key: string]: string}

Optional additional annotations to add to the cainjector Deployment

extraArgs string[]

Optional additional arguments for cainjector

image CertManagerImage
nodeSelector {[key: string]: string}
podAnnotations {[key: string]: string}

Optional additional annotations to add to the cainjector Pods

podLabels {[key: string]: string}

Optional additional labels to add to the Webhook Pods

podSecurityContext pulumiKubernetestypesinputcorev1PodSecurityContext

Pod Security Context to be set on the cainjector component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

replicaCount number
resources pulumiKubernetestypesinputcorev1ResourceRequirements
serviceAccount CertManagerServiceAccount
strategy pulumiKubernetestypesinputappsv1DeploymentStrategy
timeoutSeconds number
tolerations pulumiKubernetestypesinputcorev1Toleration[]
affinity AffinityArgs
container_security_context SecurityContextArgs

Container Security Context to be set on the cainjector component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

deployment_annotations Mapping[str, str]

Optional additional annotations to add to the cainjector Deployment

extra_args Sequence[str]

Optional additional arguments for cainjector

image CertManagerImage
node_selector Mapping[str, str]
pod_annotations Mapping[str, str]

Optional additional annotations to add to the cainjector Pods

pod_labels Mapping[str, str]

Optional additional labels to add to the Webhook Pods

pod_security_context PodSecurityContextArgs

Pod Security Context to be set on the cainjector component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

replica_count int
resources ResourceRequirementsArgs
service_account CertManagerServiceAccount
strategy DeploymentStrategyArgs
timeout_seconds int
tolerations TolerationArgs]
affinity Property Map
containerSecurityContext Property Map

Container Security Context to be set on the cainjector component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

deploymentAnnotations Map<String>

Optional additional annotations to add to the cainjector Deployment

extraArgs List<String>

Optional additional arguments for cainjector

image Property Map
nodeSelector Map<String>
podAnnotations Map<String>

Optional additional annotations to add to the cainjector Pods

podLabels Map<String>

Optional additional labels to add to the Webhook Pods

podSecurityContext Property Map

Pod Security Context to be set on the cainjector component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

replicaCount Number
resources Property Map
serviceAccount Property Map
strategy Property Map
timeoutSeconds Number
tolerations List<Property Map>

CertManagerGlobal

ImagePullSecrets List<Pulumi.Kubernetes.Types.Inputs.Core.V1.LocalObjectReference>

Reference to one or more secrets to be used when pulling images. ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/

LeaderElection Pulumi.KubernetesCertManager.Inputs.CertManagerGlobalLeaderElection
LogLevel int

Set the verbosity of cert-manager. Range of 0 - 6 with 6 being the most verbose.

PodSecurityPolicy Pulumi.KubernetesCertManager.Inputs.CertManagerGlobalPodSecurityPolicy
PriorityClassName string

Optional priority class to be used for the cert-manager pods.

Rbac Pulumi.KubernetesCertManager.Inputs.CertManagerGlobalRbac
ImagePullSecrets LocalObjectReference

Reference to one or more secrets to be used when pulling images. ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/

LeaderElection CertManagerGlobalLeaderElection
LogLevel int

Set the verbosity of cert-manager. Range of 0 - 6 with 6 being the most verbose.

PodSecurityPolicy CertManagerGlobalPodSecurityPolicy
PriorityClassName string

Optional priority class to be used for the cert-manager pods.

Rbac CertManagerGlobalRbac
imagePullSecrets List<LocalObjectReference>

Reference to one or more secrets to be used when pulling images. ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/

leaderElection CertManagerGlobalLeaderElection
logLevel Integer

Set the verbosity of cert-manager. Range of 0 - 6 with 6 being the most verbose.

podSecurityPolicy CertManagerGlobalPodSecurityPolicy
priorityClassName String

Optional priority class to be used for the cert-manager pods.

rbac CertManagerGlobalRbac
imagePullSecrets pulumiKubernetestypesinputcorev1LocalObjectReference[]

Reference to one or more secrets to be used when pulling images. ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/

leaderElection CertManagerGlobalLeaderElection
logLevel number

Set the verbosity of cert-manager. Range of 0 - 6 with 6 being the most verbose.

podSecurityPolicy CertManagerGlobalPodSecurityPolicy
priorityClassName string

Optional priority class to be used for the cert-manager pods.

rbac CertManagerGlobalRbac
image_pull_secrets LocalObjectReferenceArgs]

Reference to one or more secrets to be used when pulling images. ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/

leader_election CertManagerGlobalLeaderElection
log_level int

Set the verbosity of cert-manager. Range of 0 - 6 with 6 being the most verbose.

pod_security_policy CertManagerGlobalPodSecurityPolicy
priority_class_name str

Optional priority class to be used for the cert-manager pods.

rbac CertManagerGlobalRbac
imagePullSecrets List<Property Map>

Reference to one or more secrets to be used when pulling images. ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/

leaderElection Property Map
logLevel Number

Set the verbosity of cert-manager. Range of 0 - 6 with 6 being the most verbose.

podSecurityPolicy Property Map
priorityClassName String

Optional priority class to be used for the cert-manager pods.

rbac Property Map

CertManagerGlobalLeaderElection

LeaseDuration string

The duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate.

Namespace string

Override the namespace used to store the ConfigMap for leader election.

RenewDeadline string

The interval between attempts by the acting master to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration.

LeaseDuration string

The duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate.

Namespace string

Override the namespace used to store the ConfigMap for leader election.

RenewDeadline string

The interval between attempts by the acting master to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration.

leaseDuration String

The duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate.

namespace String

Override the namespace used to store the ConfigMap for leader election.

renewDeadline String

The interval between attempts by the acting master to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration.

leaseDuration string

The duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate.

namespace string

Override the namespace used to store the ConfigMap for leader election.

renewDeadline string

The interval between attempts by the acting master to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration.

lease_duration str

The duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate.

namespace str

Override the namespace used to store the ConfigMap for leader election.

renew_deadline str

The interval between attempts by the acting master to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration.

leaseDuration String

The duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate.

namespace String

Override the namespace used to store the ConfigMap for leader election.

renewDeadline String

The interval between attempts by the acting master to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration.

CertManagerGlobalPodSecurityPolicy

enabled Boolean
useAppArmor Boolean
enabled boolean
useAppArmor boolean
enabled Boolean
useAppArmor Boolean

CertManagerGlobalRbac

Create bool
Create bool
create Boolean
create boolean
create bool
create Boolean

CertManagerImage

Digest string

Setting a digest will override any tag, e.g. digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20.

PullPolicy string
Registry string

You can manage a registry with registry: quay.io.

Repository string

You can manage a registry with repository: jetstack/cert-manager-controller.

Tag string

Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion will be used.

Digest string

Setting a digest will override any tag, e.g. digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20.

PullPolicy string
Registry string

You can manage a registry with registry: quay.io.

Repository string

You can manage a registry with repository: jetstack/cert-manager-controller.

Tag string

Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion will be used.

digest String

Setting a digest will override any tag, e.g. digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20.

pullPolicy String
registry String

You can manage a registry with registry: quay.io.

repository String

You can manage a registry with repository: jetstack/cert-manager-controller.

tag String

Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion will be used.

digest string

Setting a digest will override any tag, e.g. digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20.

pullPolicy string
registry string

You can manage a registry with registry: quay.io.

repository string

You can manage a registry with repository: jetstack/cert-manager-controller.

tag string

Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion will be used.

digest str

Setting a digest will override any tag, e.g. digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20.

pull_policy str
registry str

You can manage a registry with registry: quay.io.

repository str

You can manage a registry with repository: jetstack/cert-manager-controller.

tag str

Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion will be used.

digest String

Setting a digest will override any tag, e.g. digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20.

pullPolicy String
registry String

You can manage a registry with registry: quay.io.

repository String

You can manage a registry with repository: jetstack/cert-manager-controller.

tag String

Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion will be used.

CertManagerIngressShim

CertManagerPrometheus

CertManagerPrometheusServiceMonitor

Enabled bool
Interval string
Labels Dictionary<string, string>
Path string
PrometheusInstance string
String string
TargetPort int
Enabled bool
Interval string
Labels map[string]string
Path string
PrometheusInstance string
String string
TargetPort int
enabled Boolean
interval String
labels Map<String,String>
path String
prometheusInstance String
string String
targetPort Integer
enabled boolean
interval string
labels {[key: string]: string}
path string
prometheusInstance string
string string
targetPort number
enabled bool
interval str
labels Mapping[str, str]
path str
prometheus_instance str
string str
target_port int
enabled Boolean
interval String
labels Map<String>
path String
prometheusInstance String
string String
targetPort Number

CertManagerServiceAccount

Annotations Dictionary<string, string>

Optional additional annotations to add to the controller's ServiceAccount.

AutomountServiceAccountToken bool

Automount API credentials for a Service Account.

Create bool

Specifies whether a service account should be created

Name string

The name of the service account to use. If not set and create is true, a name is generated using the fullname template.

Annotations map[string]string

Optional additional annotations to add to the controller's ServiceAccount.

AutomountServiceAccountToken bool

Automount API credentials for a Service Account.

Create bool

Specifies whether a service account should be created

Name string

The name of the service account to use. If not set and create is true, a name is generated using the fullname template.

annotations Map<String,String>

Optional additional annotations to add to the controller's ServiceAccount.

automountServiceAccountToken Boolean

Automount API credentials for a Service Account.

create Boolean

Specifies whether a service account should be created

name String

The name of the service account to use. If not set and create is true, a name is generated using the fullname template.

annotations {[key: string]: string}

Optional additional annotations to add to the controller's ServiceAccount.

automountServiceAccountToken boolean

Automount API credentials for a Service Account.

create boolean

Specifies whether a service account should be created

name string

The name of the service account to use. If not set and create is true, a name is generated using the fullname template.

annotations Mapping[str, str]

Optional additional annotations to add to the controller's ServiceAccount.

automount_service_account_token bool

Automount API credentials for a Service Account.

create bool

Specifies whether a service account should be created

name str

The name of the service account to use. If not set and create is true, a name is generated using the fullname template.

annotations Map<String>

Optional additional annotations to add to the controller's ServiceAccount.

automountServiceAccountToken Boolean

Automount API credentials for a Service Account.

create Boolean

Specifies whether a service account should be created

name String

The name of the service account to use. If not set and create is true, a name is generated using the fullname template.

CertManagerStartupAPICheck

Affinity Pulumi.Kubernetes.Types.Inputs.Core.V1.Affinity
BackoffLimit int

Job backoffLimit

Enabled bool
ExtraArgs List<string>

Optional additional arguments for startupapicheck

Image Pulumi.KubernetesCertManager.Inputs.CertManagerImage
JobAnnotations Dictionary<string, string>

Optional additional annotations to add to the startupapicheck Job

NodeSelector Dictionary<string, string>
PodAnnotations Dictionary<string, string>

Optional additional annotations to add to the startupapicheck Pods

PodLabels Dictionary<string, string>

Optional additional labels to add to the startupapicheck Pods

Rbac Pulumi.KubernetesCertManager.Inputs.CertManagerStartupAPICheckRBAC
Resources Pulumi.Kubernetes.Types.Inputs.Core.V1.ResourceRequirements
SecurityContext Pulumi.Kubernetes.Types.Inputs.Core.V1.PodSecurityContext

Pod Security Context to be set on the startupapicheck component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

ServiceAccount Pulumi.KubernetesCertManager.Inputs.CertManagerServiceAccount
Timeout string

Timeout for 'kubectl check api' command

Tolerations List<Pulumi.Kubernetes.Types.Inputs.Core.V1.Toleration>
Affinity Affinity
BackoffLimit int

Job backoffLimit

Enabled bool
ExtraArgs []string

Optional additional arguments for startupapicheck

Image CertManagerImage
JobAnnotations map[string]string

Optional additional annotations to add to the startupapicheck Job

NodeSelector map[string]string
PodAnnotations map[string]string

Optional additional annotations to add to the startupapicheck Pods

PodLabels map[string]string

Optional additional labels to add to the startupapicheck Pods

Rbac CertManagerStartupAPICheckRBAC
Resources ResourceRequirements
SecurityContext PodSecurityContext

Pod Security Context to be set on the startupapicheck component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

ServiceAccount CertManagerServiceAccount
Timeout string

Timeout for 'kubectl check api' command

Tolerations Toleration
affinity Affinity
backoffLimit Integer

Job backoffLimit

enabled Boolean
extraArgs List<String>

Optional additional arguments for startupapicheck

image CertManagerImage
jobAnnotations Map<String,String>

Optional additional annotations to add to the startupapicheck Job

nodeSelector Map<String,String>
podAnnotations Map<String,String>

Optional additional annotations to add to the startupapicheck Pods

podLabels Map<String,String>

Optional additional labels to add to the startupapicheck Pods

rbac CertManagerStartupAPICheckRBAC
resources ResourceRequirements
securityContext PodSecurityContext

Pod Security Context to be set on the startupapicheck component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

serviceAccount CertManagerServiceAccount
timeout String

Timeout for 'kubectl check api' command

tolerations List<Toleration>
affinity pulumiKubernetestypesinputcorev1Affinity
backoffLimit number

Job backoffLimit

enabled boolean
extraArgs string[]

Optional additional arguments for startupapicheck

image CertManagerImage
jobAnnotations {[key: string]: string}

Optional additional annotations to add to the startupapicheck Job

nodeSelector {[key: string]: string}
podAnnotations {[key: string]: string}

Optional additional annotations to add to the startupapicheck Pods

podLabels {[key: string]: string}

Optional additional labels to add to the startupapicheck Pods

rbac CertManagerStartupAPICheckRBAC
resources pulumiKubernetestypesinputcorev1ResourceRequirements
securityContext pulumiKubernetestypesinputcorev1PodSecurityContext

Pod Security Context to be set on the startupapicheck component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

serviceAccount CertManagerServiceAccount
timeout string

Timeout for 'kubectl check api' command

tolerations pulumiKubernetestypesinputcorev1Toleration[]
affinity AffinityArgs
backoff_limit int

Job backoffLimit

enabled bool
extra_args Sequence[str]

Optional additional arguments for startupapicheck

image CertManagerImage
job_annotations Mapping[str, str]

Optional additional annotations to add to the startupapicheck Job

node_selector Mapping[str, str]
pod_annotations Mapping[str, str]

Optional additional annotations to add to the startupapicheck Pods

pod_labels Mapping[str, str]

Optional additional labels to add to the startupapicheck Pods

rbac CertManagerStartupAPICheckRBAC
resources ResourceRequirementsArgs
security_context PodSecurityContextArgs

Pod Security Context to be set on the startupapicheck component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

service_account CertManagerServiceAccount
timeout str

Timeout for 'kubectl check api' command

tolerations TolerationArgs]
affinity Property Map
backoffLimit Number

Job backoffLimit

enabled Boolean
extraArgs List<String>

Optional additional arguments for startupapicheck

image Property Map
jobAnnotations Map<String>

Optional additional annotations to add to the startupapicheck Job

nodeSelector Map<String>
podAnnotations Map<String>

Optional additional annotations to add to the startupapicheck Pods

podLabels Map<String>

Optional additional labels to add to the startupapicheck Pods

rbac Property Map
resources Property Map
securityContext Property Map

Pod Security Context to be set on the startupapicheck component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

serviceAccount Property Map
timeout String

Timeout for 'kubectl check api' command

tolerations List<Property Map>

CertManagerStartupAPICheckRBAC

Annotations Dictionary<string, string>

annotations for the startup API Check job RBAC and PSP resources

Annotations map[string]string

annotations for the startup API Check job RBAC and PSP resources

annotations Map<String,String>

annotations for the startup API Check job RBAC and PSP resources

annotations {[key: string]: string}

annotations for the startup API Check job RBAC and PSP resources

annotations Mapping[str, str]

annotations for the startup API Check job RBAC and PSP resources

annotations Map<String>

annotations for the startup API Check job RBAC and PSP resources

CertManagerWebhook

Affinity Pulumi.Kubernetes.Types.Inputs.Core.V1.Affinity
ContainerSecurityContext Pulumi.Kubernetes.Types.Inputs.Core.V1.SecurityContext

Container Security Context to be set on the webhook component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

DeploymentAnnotations Dictionary<string, string>

Optional additional annotations to add to the webhook Deployment

ExtraArgs List<string>

Optional additional arguments for webhook

HostNetwork bool

Specifies if the webhook should be started in hostNetwork mode. Required for use in some managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico), because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working Since the default port for the webhook conflicts with kubelet on the host network, webhook.securePort should be changed to an available port if running in hostNetwork mode.

Image Pulumi.KubernetesCertManager.Inputs.CertManagerImage
LivenessProbe Pulumi.Kubernetes.Types.Inputs.Core.V1.Probe

Liveness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes

LoadBalancerIP string
MutatingWebhookConfigurationAnnotations Dictionary<string, string>

Optional additional annotations to add to the webhook MutatingWebhookConfiguration

NodeSelector Dictionary<string, string>
PodAnnotations Dictionary<string, string>

Optional additional annotations to add to the webhook Pods

PodLabels Dictionary<string, string>

Optional additional labels to add to the Webhook Pods

ReadinessProbe Pulumi.Kubernetes.Types.Inputs.Core.V1.Probe

Readiness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes

ReplicaCount int
Resources Pulumi.Kubernetes.Types.Inputs.Core.V1.ResourceRequirements
SecurePort int

The port that the webhook should listen on for requests. In GKE private clusters, by default kubernetes apiservers are allowed to talk to the cluster nodes only on 443 and 10250. so configuring securePort: 10250, will work out of the box without needing to add firewall rules or requiring NET_BIND_SERVICE capabilities to bind port numbers <1000

SecurityContext Pulumi.Kubernetes.Types.Inputs.Core.V1.PodSecurityContext

Pod Security Context to be set on the webhook component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

ServiceAccount Pulumi.KubernetesCertManager.Inputs.CertManagerServiceAccount
ServiceAnnotations Dictionary<string, string>

Optional additional annotations to add to the webhook service

ServiceLabels Dictionary<string, string>

Optional additional labels to add to the Webhook Service

ServiceType string

Specifies how the service should be handled. Useful if you want to expose the webhook to outside of the cluster. In some cases, the control plane cannot reach internal services.

Strategy Pulumi.Kubernetes.Types.Inputs.Apps.V1.DeploymentStrategy
TimeoutSeconds int
Tolerations List<Pulumi.Kubernetes.Types.Inputs.Core.V1.Toleration>
Url Pulumi.KubernetesCertManager.Inputs.CertManagerWebhookURL

Overrides the mutating webhook and validating webhook so they reach the webhook service using the url field instead of a service.

ValidatingWebhookConfigurationAnnotations Dictionary<string, string>

Optional additional annotations to add to the webhook ValidatingWebhookConfiguration

Affinity Affinity
ContainerSecurityContext SecurityContext

Container Security Context to be set on the webhook component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

DeploymentAnnotations map[string]string

Optional additional annotations to add to the webhook Deployment

ExtraArgs []string

Optional additional arguments for webhook

HostNetwork bool

Specifies if the webhook should be started in hostNetwork mode. Required for use in some managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico), because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working Since the default port for the webhook conflicts with kubelet on the host network, webhook.securePort should be changed to an available port if running in hostNetwork mode.

Image CertManagerImage
LivenessProbe Probe

Liveness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes

LoadBalancerIP string
MutatingWebhookConfigurationAnnotations map[string]string

Optional additional annotations to add to the webhook MutatingWebhookConfiguration

NodeSelector map[string]string
PodAnnotations map[string]string

Optional additional annotations to add to the webhook Pods

PodLabels map[string]string

Optional additional labels to add to the Webhook Pods

ReadinessProbe Probe

Readiness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes

ReplicaCount int
Resources ResourceRequirements
SecurePort int

The port that the webhook should listen on for requests. In GKE private clusters, by default kubernetes apiservers are allowed to talk to the cluster nodes only on 443 and 10250. so configuring securePort: 10250, will work out of the box without needing to add firewall rules or requiring NET_BIND_SERVICE capabilities to bind port numbers <1000

SecurityContext PodSecurityContext

Pod Security Context to be set on the webhook component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

ServiceAccount CertManagerServiceAccount
ServiceAnnotations map[string]string

Optional additional annotations to add to the webhook service

ServiceLabels map[string]string

Optional additional labels to add to the Webhook Service

ServiceType string

Specifies how the service should be handled. Useful if you want to expose the webhook to outside of the cluster. In some cases, the control plane cannot reach internal services.

Strategy DeploymentStrategy
TimeoutSeconds int
Tolerations Toleration
Url CertManagerWebhookURL

Overrides the mutating webhook and validating webhook so they reach the webhook service using the url field instead of a service.

ValidatingWebhookConfigurationAnnotations map[string]string

Optional additional annotations to add to the webhook ValidatingWebhookConfiguration

affinity Affinity
containerSecurityContext SecurityContext

Container Security Context to be set on the webhook component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

deploymentAnnotations Map<String,String>

Optional additional annotations to add to the webhook Deployment

extraArgs List<String>

Optional additional arguments for webhook

hostNetwork Boolean

Specifies if the webhook should be started in hostNetwork mode. Required for use in some managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico), because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working Since the default port for the webhook conflicts with kubelet on the host network, webhook.securePort should be changed to an available port if running in hostNetwork mode.

image CertManagerImage
livenessProbe Probe

Liveness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes

loadBalancerIP String
mutatingWebhookConfigurationAnnotations Map<String,String>

Optional additional annotations to add to the webhook MutatingWebhookConfiguration

nodeSelector Map<String,String>
podAnnotations Map<String,String>

Optional additional annotations to add to the webhook Pods

podLabels Map<String,String>

Optional additional labels to add to the Webhook Pods

readinessProbe Probe

Readiness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes

replicaCount Integer
resources ResourceRequirements
securePort Integer

The port that the webhook should listen on for requests. In GKE private clusters, by default kubernetes apiservers are allowed to talk to the cluster nodes only on 443 and 10250. so configuring securePort: 10250, will work out of the box without needing to add firewall rules or requiring NET_BIND_SERVICE capabilities to bind port numbers <1000

securityContext PodSecurityContext

Pod Security Context to be set on the webhook component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

serviceAccount CertManagerServiceAccount
serviceAnnotations Map<String,String>

Optional additional annotations to add to the webhook service

serviceLabels Map<String,String>

Optional additional labels to add to the Webhook Service

serviceType String

Specifies how the service should be handled. Useful if you want to expose the webhook to outside of the cluster. In some cases, the control plane cannot reach internal services.

strategy DeploymentStrategy
timeoutSeconds Integer
tolerations List<Toleration>
url CertManagerWebhookURL

Overrides the mutating webhook and validating webhook so they reach the webhook service using the url field instead of a service.

validatingWebhookConfigurationAnnotations Map<String,String>

Optional additional annotations to add to the webhook ValidatingWebhookConfiguration

affinity pulumiKubernetestypesinputcorev1Affinity
containerSecurityContext pulumiKubernetestypesinputcorev1SecurityContext

Container Security Context to be set on the webhook component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

deploymentAnnotations {[key: string]: string}

Optional additional annotations to add to the webhook Deployment

extraArgs string[]

Optional additional arguments for webhook

hostNetwork boolean

Specifies if the webhook should be started in hostNetwork mode. Required for use in some managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico), because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working Since the default port for the webhook conflicts with kubelet on the host network, webhook.securePort should be changed to an available port if running in hostNetwork mode.

image CertManagerImage
livenessProbe pulumiKubernetestypesinputcorev1Probe

Liveness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes

loadBalancerIP string
mutatingWebhookConfigurationAnnotations {[key: string]: string}

Optional additional annotations to add to the webhook MutatingWebhookConfiguration

nodeSelector {[key: string]: string}
podAnnotations {[key: string]: string}

Optional additional annotations to add to the webhook Pods

podLabels {[key: string]: string}

Optional additional labels to add to the Webhook Pods

readinessProbe pulumiKubernetestypesinputcorev1Probe

Readiness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes

replicaCount number
resources pulumiKubernetestypesinputcorev1ResourceRequirements
securePort number

The port that the webhook should listen on for requests. In GKE private clusters, by default kubernetes apiservers are allowed to talk to the cluster nodes only on 443 and 10250. so configuring securePort: 10250, will work out of the box without needing to add firewall rules or requiring NET_BIND_SERVICE capabilities to bind port numbers <1000

securityContext pulumiKubernetestypesinputcorev1PodSecurityContext

Pod Security Context to be set on the webhook component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

serviceAccount CertManagerServiceAccount
serviceAnnotations {[key: string]: string}

Optional additional annotations to add to the webhook service

serviceLabels {[key: string]: string}

Optional additional labels to add to the Webhook Service

serviceType string

Specifies how the service should be handled. Useful if you want to expose the webhook to outside of the cluster. In some cases, the control plane cannot reach internal services.

strategy pulumiKubernetestypesinputappsv1DeploymentStrategy
timeoutSeconds number
tolerations pulumiKubernetestypesinputcorev1Toleration[]
url CertManagerWebhookURL

Overrides the mutating webhook and validating webhook so they reach the webhook service using the url field instead of a service.

validatingWebhookConfigurationAnnotations {[key: string]: string}

Optional additional annotations to add to the webhook ValidatingWebhookConfiguration

affinity AffinityArgs
container_security_context SecurityContextArgs

Container Security Context to be set on the webhook component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

deployment_annotations Mapping[str, str]

Optional additional annotations to add to the webhook Deployment

extra_args Sequence[str]

Optional additional arguments for webhook

host_network bool

Specifies if the webhook should be started in hostNetwork mode. Required for use in some managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico), because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working Since the default port for the webhook conflicts with kubelet on the host network, webhook.securePort should be changed to an available port if running in hostNetwork mode.

image CertManagerImage
liveness_probe ProbeArgs

Liveness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes

load_balancer_ip str
mutating_webhook_configuration_annotations Mapping[str, str]

Optional additional annotations to add to the webhook MutatingWebhookConfiguration

node_selector Mapping[str, str]
pod_annotations Mapping[str, str]

Optional additional annotations to add to the webhook Pods

pod_labels Mapping[str, str]

Optional additional labels to add to the Webhook Pods

readiness_probe ProbeArgs

Readiness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes

replica_count int
resources ResourceRequirementsArgs
secure_port int

The port that the webhook should listen on for requests. In GKE private clusters, by default kubernetes apiservers are allowed to talk to the cluster nodes only on 443 and 10250. so configuring securePort: 10250, will work out of the box without needing to add firewall rules or requiring NET_BIND_SERVICE capabilities to bind port numbers <1000

security_context PodSecurityContextArgs

Pod Security Context to be set on the webhook component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

service_account CertManagerServiceAccount
service_annotations Mapping[str, str]

Optional additional annotations to add to the webhook service

service_labels Mapping[str, str]

Optional additional labels to add to the Webhook Service

service_type str

Specifies how the service should be handled. Useful if you want to expose the webhook to outside of the cluster. In some cases, the control plane cannot reach internal services.

strategy DeploymentStrategyArgs
timeout_seconds int
tolerations TolerationArgs]
url CertManagerWebhookURL

Overrides the mutating webhook and validating webhook so they reach the webhook service using the url field instead of a service.

validating_webhook_configuration_annotations Mapping[str, str]

Optional additional annotations to add to the webhook ValidatingWebhookConfiguration

affinity Property Map
containerSecurityContext Property Map

Container Security Context to be set on the webhook component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

deploymentAnnotations Map<String>

Optional additional annotations to add to the webhook Deployment

extraArgs List<String>

Optional additional arguments for webhook

hostNetwork Boolean

Specifies if the webhook should be started in hostNetwork mode. Required for use in some managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico), because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working Since the default port for the webhook conflicts with kubelet on the host network, webhook.securePort should be changed to an available port if running in hostNetwork mode.

image Property Map
livenessProbe Property Map

Liveness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes

loadBalancerIP String
mutatingWebhookConfigurationAnnotations Map<String>

Optional additional annotations to add to the webhook MutatingWebhookConfiguration

nodeSelector Map<String>
podAnnotations Map<String>

Optional additional annotations to add to the webhook Pods

podLabels Map<String>

Optional additional labels to add to the Webhook Pods

readinessProbe Property Map

Readiness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes

replicaCount Number
resources Property Map
securePort Number

The port that the webhook should listen on for requests. In GKE private clusters, by default kubernetes apiservers are allowed to talk to the cluster nodes only on 443 and 10250. so configuring securePort: 10250, will work out of the box without needing to add firewall rules or requiring NET_BIND_SERVICE capabilities to bind port numbers <1000

securityContext Property Map

Pod Security Context to be set on the webhook component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

serviceAccount Property Map
serviceAnnotations Map<String>

Optional additional annotations to add to the webhook service

serviceLabels Map<String>

Optional additional labels to add to the Webhook Service

serviceType String

Specifies how the service should be handled. Useful if you want to expose the webhook to outside of the cluster. In some cases, the control plane cannot reach internal services.

strategy Property Map
timeoutSeconds Number
tolerations List<Property Map>
url Property Map

Overrides the mutating webhook and validating webhook so they reach the webhook service using the url field instead of a service.

validatingWebhookConfigurationAnnotations Map<String>

Optional additional annotations to add to the webhook ValidatingWebhookConfiguration

CertManagerWebhookURL

Host string
Host string
host String
host string
host str
host String

Release

Atomic bool

If set, installation process purges chart on fail. skipAwait will be disabled automatically if atomic is used.

Chart string

Chart name to be installed. A path may be used.

CleanupOnFail bool

Allow deletion of new resources created in this upgrade when upgrade fails.

CreateNamespace bool

Create the namespace if it does not exist.

DependencyUpdate bool

Run helm dependency update before installing the chart.

Description string

Add a custom description

Devel bool

Use chart development versions, too. Equivalent to version '>0.0.0-0'. If version is set, this is ignored.

DisableCRDHooks bool

Prevent CRD hooks from, running, but run other hooks. See helm install --no-crd-hook

DisableOpenapiValidation bool

If set, the installation process will not validate rendered templates against the Kubernetes OpenAPI Schema

DisableWebhooks bool

Prevent hooks from running.

ForceUpdate bool

Force resource update through delete/recreate if needed.

Keyring string

Location of public keys used for verification. Used only if verify is true

Lint bool

Run helm lint when planning.

Manifest Dictionary<string, object>

The rendered manifests as JSON. Not yet supported.

MaxHistory int

Limit the maximum number of revisions saved per release. Use 0 for no limit.

Name string

Release name.

Namespace string

Namespace to install the release into.

Postrender string

Postrender command to run.

RecreatePods bool

Perform pods restart during upgrade/rollback.

RenderSubchartNotes bool

If set, render subchart notes along with the parent.

Replace bool

Re-use the given name, even if that name is already used. This is unsafe in production

RepositoryOpts Pulumi.KubernetesCertManager.Inputs.RepositoryOpts

Specification defining the Helm chart repository to use.

ResetValues bool

When upgrading, reset the values to the ones built into the chart.

ResourceNames Dictionary<string, ImmutableArray<string>>

Names of resources created by the release grouped by "kind/version".

ReuseValues bool

When upgrading, reuse the last release's values and merge in any overrides. If 'resetValues' is specified, this is ignored

SkipAwait bool

By default, the provider waits until all resources are in a ready state before marking the release as successful. Setting this to true will skip such await logic.

SkipCrds bool

If set, no CRDs will be installed. By default, CRDs are installed if not already present.

Timeout int

Time in seconds to wait for any individual kubernetes operation.

ValueYamlFiles List<AssetOrArchive>

List of assets (raw yaml files). Content is read and merged with values. Not yet supported.

Values Dictionary<string, object>

Custom values set for the release.

Verify bool

Verify the package before installing it.

Version string

Specify the exact chart version to install. If this is not specified, the latest version is installed.

WaitForJobs bool

Will wait until all Jobs have been completed before marking the release as successful. This is ignored if skipAwait is enabled.

Atomic bool

If set, installation process purges chart on fail. skipAwait will be disabled automatically if atomic is used.

Chart string

Chart name to be installed. A path may be used.

CleanupOnFail bool

Allow deletion of new resources created in this upgrade when upgrade fails.

CreateNamespace bool

Create the namespace if it does not exist.

DependencyUpdate bool

Run helm dependency update before installing the chart.

Description string

Add a custom description

Devel bool

Use chart development versions, too. Equivalent to version '>0.0.0-0'. If version is set, this is ignored.

DisableCRDHooks bool

Prevent CRD hooks from, running, but run other hooks. See helm install --no-crd-hook

DisableOpenapiValidation bool

If set, the installation process will not validate rendered templates against the Kubernetes OpenAPI Schema

DisableWebhooks bool

Prevent hooks from running.

ForceUpdate bool

Force resource update through delete/recreate if needed.

Keyring string

Location of public keys used for verification. Used only if verify is true

Lint bool

Run helm lint when planning.

Manifest map[string]interface{}

The rendered manifests as JSON. Not yet supported.

MaxHistory int

Limit the maximum number of revisions saved per release. Use 0 for no limit.

Name string

Release name.

Namespace string

Namespace to install the release into.

Postrender string

Postrender command to run.

RecreatePods bool

Perform pods restart during upgrade/rollback.

RenderSubchartNotes bool

If set, render subchart notes along with the parent.

Replace bool

Re-use the given name, even if that name is already used. This is unsafe in production

RepositoryOpts RepositoryOpts

Specification defining the Helm chart repository to use.

ResetValues bool

When upgrading, reset the values to the ones built into the chart.

ResourceNames map[string][]string

Names of resources created by the release grouped by "kind/version".

ReuseValues bool

When upgrading, reuse the last release's values and merge in any overrides. If 'resetValues' is specified, this is ignored

SkipAwait bool

By default, the provider waits until all resources are in a ready state before marking the release as successful. Setting this to true will skip such await logic.

SkipCrds bool

If set, no CRDs will be installed. By default, CRDs are installed if not already present.

Timeout int

Time in seconds to wait for any individual kubernetes operation.

ValueYamlFiles AssetOrArchive

List of assets (raw yaml files). Content is read and merged with values. Not yet supported.

Values map[string]interface{}

Custom values set for the release.

Verify bool

Verify the package before installing it.

Version string

Specify the exact chart version to install. If this is not specified, the latest version is installed.

WaitForJobs bool

Will wait until all Jobs have been completed before marking the release as successful. This is ignored if skipAwait is enabled.

atomic Boolean

If set, installation process purges chart on fail. skipAwait will be disabled automatically if atomic is used.

chart String

Chart name to be installed. A path may be used.

cleanupOnFail Boolean

Allow deletion of new resources created in this upgrade when upgrade fails.

createNamespace Boolean

Create the namespace if it does not exist.

dependencyUpdate Boolean

Run helm dependency update before installing the chart.

description String

Add a custom description

devel Boolean

Use chart development versions, too. Equivalent to version '>0.0.0-0'. If version is set, this is ignored.

disableCRDHooks Boolean

Prevent CRD hooks from, running, but run other hooks. See helm install --no-crd-hook

disableOpenapiValidation Boolean

If set, the installation process will not validate rendered templates against the Kubernetes OpenAPI Schema

disableWebhooks Boolean

Prevent hooks from running.

forceUpdate Boolean

Force resource update through delete/recreate if needed.

keyring String

Location of public keys used for verification. Used only if verify is true

lint Boolean

Run helm lint when planning.

manifest Map<String,Object>

The rendered manifests as JSON. Not yet supported.

maxHistory Integer

Limit the maximum number of revisions saved per release. Use 0 for no limit.

name String

Release name.

namespace String

Namespace to install the release into.

postrender String

Postrender command to run.

recreatePods Boolean

Perform pods restart during upgrade/rollback.

renderSubchartNotes Boolean

If set, render subchart notes along with the parent.

replace Boolean

Re-use the given name, even if that name is already used. This is unsafe in production

repositoryOpts RepositoryOpts

Specification defining the Helm chart repository to use.

resetValues Boolean

When upgrading, reset the values to the ones built into the chart.

resourceNames Map<String,List<String>>

Names of resources created by the release grouped by "kind/version".

reuseValues Boolean

When upgrading, reuse the last release's values and merge in any overrides. If 'resetValues' is specified, this is ignored

skipAwait Boolean

By default, the provider waits until all resources are in a ready state before marking the release as successful. Setting this to true will skip such await logic.

skipCrds Boolean

If set, no CRDs will be installed. By default, CRDs are installed if not already present.

timeout Integer

Time in seconds to wait for any individual kubernetes operation.

valueYamlFiles List<AssetOrArchive>

List of assets (raw yaml files). Content is read and merged with values. Not yet supported.

values Map<String,Object>

Custom values set for the release.

verify Boolean

Verify the package before installing it.

version String

Specify the exact chart version to install. If this is not specified, the latest version is installed.

waitForJobs Boolean

Will wait until all Jobs have been completed before marking the release as successful. This is ignored if skipAwait is enabled.

atomic boolean

If set, installation process purges chart on fail. skipAwait will be disabled automatically if atomic is used.

chart string

Chart name to be installed. A path may be used.

cleanupOnFail boolean

Allow deletion of new resources created in this upgrade when upgrade fails.

createNamespace boolean

Create the namespace if it does not exist.

dependencyUpdate boolean

Run helm dependency update before installing the chart.

description string

Add a custom description

devel boolean

Use chart development versions, too. Equivalent to version '>0.0.0-0'. If version is set, this is ignored.

disableCRDHooks boolean

Prevent CRD hooks from, running, but run other hooks. See helm install --no-crd-hook

disableOpenapiValidation boolean

If set, the installation process will not validate rendered templates against the Kubernetes OpenAPI Schema

disableWebhooks boolean

Prevent hooks from running.

forceUpdate boolean

Force resource update through delete/recreate if needed.

keyring string

Location of public keys used for verification. Used only if verify is true

lint boolean

Run helm lint when planning.

manifest {[key: string]: any}

The rendered manifests as JSON. Not yet supported.

maxHistory number

Limit the maximum number of revisions saved per release. Use 0 for no limit.

name string

Release name.

namespace string

Namespace to install the release into.

postrender string

Postrender command to run.

recreatePods boolean

Perform pods restart during upgrade/rollback.

renderSubchartNotes boolean

If set, render subchart notes along with the parent.

replace boolean

Re-use the given name, even if that name is already used. This is unsafe in production

repositoryOpts RepositoryOpts

Specification defining the Helm chart repository to use.

resetValues boolean

When upgrading, reset the values to the ones built into the chart.

resourceNames {[key: string]: string[]}

Names of resources created by the release grouped by "kind/version".

reuseValues boolean

When upgrading, reuse the last release's values and merge in any overrides. If 'resetValues' is specified, this is ignored

skipAwait boolean

By default, the provider waits until all resources are in a ready state before marking the release as successful. Setting this to true will skip such await logic.

skipCrds boolean

If set, no CRDs will be installed. By default, CRDs are installed if not already present.

timeout number

Time in seconds to wait for any individual kubernetes operation.

valueYamlFiles (pulumiassetAsset | pulumiassetArchive)[]

List of assets (raw yaml files). Content is read and merged with values. Not yet supported.

values {[key: string]: any}

Custom values set for the release.

verify boolean

Verify the package before installing it.

version string

Specify the exact chart version to install. If this is not specified, the latest version is installed.

waitForJobs boolean

Will wait until all Jobs have been completed before marking the release as successful. This is ignored if skipAwait is enabled.

atomic bool

If set, installation process purges chart on fail. skipAwait will be disabled automatically if atomic is used.

chart str

Chart name to be installed. A path may be used.

cleanup_on_fail bool

Allow deletion of new resources created in this upgrade when upgrade fails.

create_namespace bool

Create the namespace if it does not exist.

dependency_update bool

Run helm dependency update before installing the chart.

description str

Add a custom description

devel bool

Use chart development versions, too. Equivalent to version '>0.0.0-0'. If version is set, this is ignored.

disable_crd_hooks bool

Prevent CRD hooks from, running, but run other hooks. See helm install --no-crd-hook

disable_openapi_validation bool

If set, the installation process will not validate rendered templates against the Kubernetes OpenAPI Schema

disable_webhooks bool

Prevent hooks from running.

force_update bool

Force resource update through delete/recreate if needed.

keyring str

Location of public keys used for verification. Used only if verify is true

lint bool

Run helm lint when planning.

manifest Mapping[str, Any]

The rendered manifests as JSON. Not yet supported.

max_history int

Limit the maximum number of revisions saved per release. Use 0 for no limit.

name str

Release name.

namespace str

Namespace to install the release into.

postrender str

Postrender command to run.

recreate_pods bool

Perform pods restart during upgrade/rollback.

render_subchart_notes bool

If set, render subchart notes along with the parent.

replace bool

Re-use the given name, even if that name is already used. This is unsafe in production

repository_opts RepositoryOpts

Specification defining the Helm chart repository to use.

reset_values bool

When upgrading, reset the values to the ones built into the chart.

resource_names Mapping[str, Sequence[str]]

Names of resources created by the release grouped by "kind/version".

reuse_values bool

When upgrading, reuse the last release's values and merge in any overrides. If 'resetValues' is specified, this is ignored

skip_await bool

By default, the provider waits until all resources are in a ready state before marking the release as successful. Setting this to true will skip such await logic.

skip_crds bool

If set, no CRDs will be installed. By default, CRDs are installed if not already present.

timeout int

Time in seconds to wait for any individual kubernetes operation.

value_yaml_files Archive]]

List of assets (raw yaml files). Content is read and merged with values. Not yet supported.

values Mapping[str, Any]

Custom values set for the release.

verify bool

Verify the package before installing it.

version str

Specify the exact chart version to install. If this is not specified, the latest version is installed.

wait_for_jobs bool

Will wait until all Jobs have been completed before marking the release as successful. This is ignored if skipAwait is enabled.

atomic Boolean

If set, installation process purges chart on fail. skipAwait will be disabled automatically if atomic is used.

chart String

Chart name to be installed. A path may be used.

cleanupOnFail Boolean

Allow deletion of new resources created in this upgrade when upgrade fails.

createNamespace Boolean

Create the namespace if it does not exist.

dependencyUpdate Boolean

Run helm dependency update before installing the chart.

description String

Add a custom description

devel Boolean

Use chart development versions, too. Equivalent to version '>0.0.0-0'. If version is set, this is ignored.

disableCRDHooks Boolean

Prevent CRD hooks from, running, but run other hooks. See helm install --no-crd-hook

disableOpenapiValidation Boolean

If set, the installation process will not validate rendered templates against the Kubernetes OpenAPI Schema

disableWebhooks Boolean

Prevent hooks from running.

forceUpdate Boolean

Force resource update through delete/recreate if needed.

keyring String

Location of public keys used for verification. Used only if verify is true

lint Boolean

Run helm lint when planning.

manifest Map<Any>

The rendered manifests as JSON. Not yet supported.

maxHistory Number

Limit the maximum number of revisions saved per release. Use 0 for no limit.

name String

Release name.

namespace String

Namespace to install the release into.

postrender String

Postrender command to run.

recreatePods Boolean

Perform pods restart during upgrade/rollback.

renderSubchartNotes Boolean

If set, render subchart notes along with the parent.

replace Boolean

Re-use the given name, even if that name is already used. This is unsafe in production

repositoryOpts Property Map

Specification defining the Helm chart repository to use.

resetValues Boolean

When upgrading, reset the values to the ones built into the chart.

resourceNames Map<List<String>>

Names of resources created by the release grouped by "kind/version".

reuseValues Boolean

When upgrading, reuse the last release's values and merge in any overrides. If 'resetValues' is specified, this is ignored

skipAwait Boolean

By default, the provider waits until all resources are in a ready state before marking the release as successful. Setting this to true will skip such await logic.

skipCrds Boolean

If set, no CRDs will be installed. By default, CRDs are installed if not already present.

timeout Number

Time in seconds to wait for any individual kubernetes operation.

valueYamlFiles List<Asset>

List of assets (raw yaml files). Content is read and merged with values. Not yet supported.

values Map<Any>

Custom values set for the release.

verify Boolean

Verify the package before installing it.

version String

Specify the exact chart version to install. If this is not specified, the latest version is installed.

waitForJobs Boolean

Will wait until all Jobs have been completed before marking the release as successful. This is ignored if skipAwait is enabled.

ReleaseStatus

AppVersion string

The version number of the application being deployed.

Chart string

The name of the chart.

Name string

Name is the name of the release.

Namespace string

Namespace is the kubernetes namespace of the release.

Revision int

Version is an int32 which represents the version of the release.

Status string

Status of the release.

Version string

A SemVer 2 conformant version string of the chart.

AppVersion string

The version number of the application being deployed.

Chart string

The name of the chart.

Name string

Name is the name of the release.

Namespace string

Namespace is the kubernetes namespace of the release.

Revision int

Version is an int32 which represents the version of the release.

Status string

Status of the release.

Version string

A SemVer 2 conformant version string of the chart.

appVersion String

The version number of the application being deployed.

chart String

The name of the chart.

name String

Name is the name of the release.

namespace String

Namespace is the kubernetes namespace of the release.

revision Integer

Version is an int32 which represents the version of the release.

status String

Status of the release.

version String

A SemVer 2 conformant version string of the chart.

appVersion string

The version number of the application being deployed.

chart string

The name of the chart.

name string

Name is the name of the release.

namespace string

Namespace is the kubernetes namespace of the release.

revision number

Version is an int32 which represents the version of the release.

status string

Status of the release.

version string

A SemVer 2 conformant version string of the chart.

app_version str

The version number of the application being deployed.

chart str

The name of the chart.

name str

Name is the name of the release.

namespace str

Namespace is the kubernetes namespace of the release.

revision int

Version is an int32 which represents the version of the release.

status str

Status of the release.

version str

A SemVer 2 conformant version string of the chart.

appVersion String

The version number of the application being deployed.

chart String

The name of the chart.

name String

Name is the name of the release.

namespace String

Namespace is the kubernetes namespace of the release.

revision Number

Version is an int32 which represents the version of the release.

status String

Status of the release.

version String

A SemVer 2 conformant version string of the chart.

RepositoryOpts

CaFile string

The Repository's CA File

CertFile string

The repository's cert file

KeyFile string

The repository's cert key file

Password string

Password for HTTP basic authentication

Repo string

Repository where to locate the requested chart. If is a URL the chart is installed without installing the repository.

Username string

Username for HTTP basic authentication

CaFile string

The Repository's CA File

CertFile string

The repository's cert file

KeyFile string

The repository's cert key file

Password string

Password for HTTP basic authentication

Repo string

Repository where to locate the requested chart. If is a URL the chart is installed without installing the repository.

Username string

Username for HTTP basic authentication

caFile String

The Repository's CA File

certFile String

The repository's cert file

keyFile String

The repository's cert key file

password String

Password for HTTP basic authentication

repo String

Repository where to locate the requested chart. If is a URL the chart is installed without installing the repository.

username String

Username for HTTP basic authentication

caFile string

The Repository's CA File

certFile string

The repository's cert file

keyFile string

The repository's cert key file

password string

Password for HTTP basic authentication

repo string

Repository where to locate the requested chart. If is a URL the chart is installed without installing the repository.

username string

Username for HTTP basic authentication

ca_file str

The Repository's CA File

cert_file str

The repository's cert file

key_file str

The repository's cert key file

password str

Password for HTTP basic authentication

repo str

Repository where to locate the requested chart. If is a URL the chart is installed without installing the repository.

username str

Username for HTTP basic authentication

caFile String

The Repository's CA File

certFile String

The repository's cert file

keyFile String

The repository's cert key file

password String

Password for HTTP basic authentication

repo String

Repository where to locate the requested chart. If is a URL the chart is installed without installing the repository.

username String

Username for HTTP basic authentication

Package Details

Repository
Jetstack Cert Manager (Helm)
License