Skip to content

michelefa1988/cert_sync

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
.gitignore
.gitignore
 
 
Dockerfile.Build
Dockerfile.Build
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
certsync.sh
certsync.sh
 
 
config.json
config.json
 
 

Repository files navigation

Cert-Sync

This script was created after I found no better way of storing AKS cert-manager created certificates into Azure Keyvault.

One of my biggest headaches was that Application gateway requires a certificate when an https listener is created. After the certifiate was generated automatically on the AKS cluster I used this application to sync the certificate onto Azure KeyVault where it can be used by application gateway.

Requirments

The Following are needed for cert-sync to run

  • aad-pod-identity - Allows kubernetes pods to be autenticated to kubernetes resources (mainly keyvault)
  • The pod needs to have following roles
    • Key Vault Secrets Officer
    • Key Vault Cntributor

Build

docker build -t michelefa1988/cert-sync -f Dockerfile.Build .

Run

The following environment variables are required for this script to run correctly

  interval_seconds: "130"
  key_vault_name: "kv-test"
  key_vault_resource_group: "rg-test"
  subscription_id: "xxxx-xxxx-xxxx-xxxx-xxxxx"
  config_path: "/config/config.json"

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages