Anas BENSTITOU benstitou

## gist:470e995e051a239cb579a0b4fbcdb1b0
kind: Ingress
apiVersion: networking.k8s.io/v1
metadata:
  name:  cert-manager-example-ingress-01
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-prod-01
spec:
  ingressClassName: ingress-nginx
  rules:
    - host: myingress.<YOUR_DOMAIN>

## gist:9b8801262322e3e219110f3d64011407
kind: Service
apiVersion: v1
metadata:
  name: cert-manager-example-01-svc
spec:
  selector:
    app: cert-manager-example-01
  type: ClusterIP
  ports:
  - name: http

## gist:9813c6340b1ff7656cd782075d7edd04
apiVersion: apps/v1
kind: Deployment
metadata:
  name: cert-manager-example-01
spec:
  replicas: 1
  selector:
    matchLabels:
      app: cert-manager-example-01
  template:

## gist:93f9186ab485bed05b067863d05a56af
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt-prod-01
spec:
  acme:
    # You must replace this email address with your own.
    # Let's Encrypt will use this to contact you about expiring
    # certificates, and issues related to your account.
    email: <EMAIL_ADDRESS>

## gist:ad42e7fb9b82b860c8e37faf0c4c4ead
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt-staging-01
spec:
  acme:
    # You must replace this email address with your own.
    # Let's Encrypt will use this to contact you about expiring
    # certificates, and issues related to your account.
    email: <EMAIL_ADDRESS>

## gist:828c8db512162ad3a9ee6593b1c2770d
resource "helm_release" "cert_manager" {
  name             = local.cert_manager_name
  repository       = "https://charts.jetstack.io"
  chart            = "cert-manager"
  version          = "v1.13.3"
  namespace        = "cert-manager"
  create_namespace = true

  set {
    name  = "installCRDs"

## gist:20d7e354c54855bf77004a3fc0aab7c8
resource "helm_release" "ingress_nginx" {
  name             = local.nginx_ingress_name
  repository       = "https://kubernetes.github.io/ingress-nginx"
  chart            = "ingress-nginx"
  namespace        = "ingress"
  create_namespace = true
  values = [
    file("./ingress/values.yml")
  ]

## gist:a96908f2431cd356c6ea151c1d33f1e9
  replicaCount: 1
  extraArgs:
    ingress-class: ingress-nginx
  publishService:
    enabled: true
  service:
    annotations:
      service.beta.kubernetes.io/azure-load-balancer-health-probe-request-path: /healthz
      service.beta.kubernetes.io/azure-load-balancer-resource-group: rg-aks-terraform-prod # The resource group where the public IP is located
  ingressClassResource:

## gist:a221587864ace927d5a9d664d9a0fdfc
resource "azurerm_dns_zone" "ingress" {
  name                = local.dns_name
  resource_group_name = azurerm_resource_group.rg_prod.name
}

resource "azurerm_dns_a_record" "ingress" {
  name                = "myingress"
  zone_name           = azurerm_dns_zone.ingress.name
  resource_group_name = azurerm_resource_group.rg_prod.name
  ttl                 = 3600

## gist:7625fd18b923affb8006d898adf29dcd
data "azurerm_kubernetes_cluster" "main_aks" {
  name                = local.aks_name
  resource_group_name = local.rg_name
  depends_on = [
    azurerm_kubernetes_cluster.main_aks
  ]
}
	kind: Ingress
	apiVersion: networking.k8s.io/v1
	metadata:
	name: cert-manager-example-ingress-01
	annotations:
	cert-manager.io/cluster-issuer: letsencrypt-prod-01
	spec:
	ingressClassName: ingress-nginx
	rules:
	- host: myingress.<YOUR_DOMAIN>
	kind: Service
	apiVersion: v1
	metadata:
	name: cert-manager-example-01-svc
	spec:
	selector:
	app: cert-manager-example-01
	type: ClusterIP
	ports:
	- name: http
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	name: cert-manager-example-01
	spec:
	replicas: 1
	selector:
	matchLabels:
	app: cert-manager-example-01
	template:
	apiVersion: cert-manager.io/v1
	kind: ClusterIssuer
	metadata:
	name: letsencrypt-prod-01
	spec:
	acme:
	# You must replace this email address with your own.
	# Let's Encrypt will use this to contact you about expiring
	# certificates, and issues related to your account.
	email: <EMAIL_ADDRESS>
	resource "helm_release" "cert_manager" {
	name = local.cert_manager_name
	repository = "https://charts.jetstack.io"
	chart = "cert-manager"
	version = "v1.13.3"
	namespace = "cert-manager"
	create_namespace = true

	set {
	name = "installCRDs"
	resource "helm_release" "ingress_nginx" {
	name = local.nginx_ingress_name
	repository = "https://kubernetes.github.io/ingress-nginx"
	chart = "ingress-nginx"
	namespace = "ingress"
	create_namespace = true
	values = [
	file("./ingress/values.yml")
	]
	replicaCount: 1
	extraArgs:
	ingress-class: ingress-nginx
	publishService:
	enabled: true
	service:
	annotations:
	service.beta.kubernetes.io/azure-load-balancer-health-probe-request-path: /healthz
	service.beta.kubernetes.io/azure-load-balancer-resource-group: rg-aks-terraform-prod # The resource group where the public IP is located
	ingressClassResource:
	resource "azurerm_dns_zone" "ingress" {
	name = local.dns_name
	resource_group_name = azurerm_resource_group.rg_prod.name
	}

	resource "azurerm_dns_a_record" "ingress" {
	name = "myingress"
	zone_name = azurerm_dns_zone.ingress.name
	resource_group_name = azurerm_resource_group.rg_prod.name
	ttl = 3600
	data "azurerm_kubernetes_cluster" "main_aks" {
	name = local.aks_name
	resource_group_name = local.rg_name
	depends_on = [
	azurerm_kubernetes_cluster.main_aks
	]
	}