k8s/helm/setup/argocd/istio-ingress.yaml

58 lines
1,007 B
YAML

---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: argocd-cert
namespace: istio-system
spec:
secretName: argocd-cert
commonName: argocd.teapot.masked.name
dnsNames:
- argocd.teapot.masked.name
issuerRef:
name: vault-issuer
kind: ClusterIssuer
group: cert-manager.io
...
---
apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
name: argocd-gateway
namespace: argocd
spec:
selector:
istio: ingressgateway-internal
servers:
- port:
number: 443
name: https
protocol: HTTPS
tls:
mode: SIMPLE
credentialName: argocd-cert
hosts:
- argocd.teapot.masked.name
...
---
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
name: argocd-gateway
namespace: argocd
spec:
hosts:
- argocd.teapot.masked.name
gateways:
- argocd-gateway
http:
- match:
- uri:
prefix: /
route:
- destination:
port:
number: 80
host: argocd-server
...