cert manager controller ^#0

By cert-manager-charmers
stable, candidate, beta, edge

Supports: kubernetes

Deploy this charm on Kubernetes with the CLI. Find out how by reading the docs.

Description

Cert Manager Controller

Docker Resource Layer

This layer provides an interface for dealing with charm resources that are Docker images.

Usage

Using this layer generally consists of the following steps:

Call layer.docker_resource.fetch(resource_name)
Wait for layer.docker-resource.{resource_name}.available
Call layer.docker_resource.get_info(resource_name)

Alternatively, a resource can be marked with auto-fetch: true in its definition in metadata.yaml, in which case it will automatically have fetch() called on it, if it is of type docker. That way, you can skip the first step and remove the need for an additional handler.

Example

Given a Kubernetes charm with the following resource definition in the metadata.yaml file:

name: my-charm
resources:
  my-resource:
    type: oci-image
    auto-fetch: true
    description: "The image for this charm"

The charm would then use the follow reactive code to use the Docker image resource:

from charms.reactive import when, when_not

from charms import layer


@when('layer.docker-resource.my-resource.available')
@when_not('charm.my-charm.started')
def start_container():
    layer.status.maintenance('configuring container')
    image_info = layer.docker-resource.get_info('my-resource')
    layer.caas_base.pod_spec_set({
        'containers': [
            {
                'name': 'my-service',
                'imageDetails': {
                    'imagePath': image_info.registry_path,
                    'username': image_info.username,
                    'password': image_info.password,
                },
                'ports': [
                    {
                        'name': 'service',
                        'containerPort': 80,
                    },
                ],
            },
        ],
    })
    layer.status.maintenance('creating container')

Reference

Methods

The methods available are:

charms.layer.docker-resource.fetch(resource_name) Request that the given Docker image resource be fetched and validated.
charms.layer.docker-resource.get_info(resource_name) Return the image info object for the given resource.

Image Info Object

The image info object returned by get_info(resource_name) is a DockerImageInfo instance which has the following properties:

image_info.registry_path This is the fully qualified registry path for the image. This will generally point to the controller or charm store, but may point directly to an external registry.
image_info.username The username needed to access the image on the registry, if any.
image_info.password The password needed to access the image on the registry, if any.

Reactive Flags

The flags set by this layer are:

layer.docker-resource.{resource_name}.fetched Set as soon as the given resource has been requested by the fetch method.
layer.docker-resource.{resource_name}.available Set when the given resource has been downloaded and is available.
layer.docker-resource.{resource_name}.failed Set when the given resource failed to download.

Status Messages

This layer will automatically set a maintenance status message while fetching each resource, and a blocked status message if one or more resources fail to be fetched. The statuses will be set using layer:status to handle conflict resolution.

You can disable automatic status messages from this layer by changing the layer option set-status to false in your layer.yaml.

Configuration

acme-issuers: (string) ACME issuers. See https://cert-manager.io/docs/configuration/acme/; {}
ca-issuers: (string) CA issuers. See https://cert-manager.io/docs/configuration/ca/; {}
port: (int) HTTP port; 9402
self-signed-issuers: (string) Self-signed issuers. See https://cert-manager.io/docs/configuration/selfsigned/; cert-manager-default: