yolokube/traefik-certmanager
yolokube/traefik-certmanager
Archived
3
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

Merge aeaccb9d14 into ccb1f91ed4

Browse source
This commit is contained in:
T. Andrew Manning 2024-12-17 11:30:50 -06:00 committed by GitHub
commit 0728330fc8
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 24 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
Dockerfile
View file

@ -1,4 +1,4 @@
FROM python:alpine FROM python:3.11-alpine
ENV PYTHONUNBUFFERED=1 \ ENV PYTHONUNBUFFERED=1 \
ISSUER_NAME=letsencrypt \ ISSUER_NAME=letsencrypt \
@ -8,4 +8,4 @@ ENV PYTHONUNBUFFERED=1 \
RUN pip install kubernetes RUN pip install kubernetes
COPY main.py / COPY main.py /
CMD python /main.py CMD ["python", "/main.py"]

22
main.py
View file

@ -6,7 +6,6 @@ import signal
import sys import sys
import threading import threading
from unicodedata import name
from kubernetes import client, config, watch from kubernetes import client, config, watch
from kubernetes.client.rest import ApiException from kubernetes.client.rest import ApiException
@ -19,6 +18,7 @@ CERT_ISSUER_NAME = os.getenv("ISSUER_NAME", "letsencrypt")
CERT_ISSUER_KIND = os.getenv("ISSUER_KIND", "ClusterIssuer") CERT_ISSUER_KIND = os.getenv("ISSUER_KIND", "ClusterIssuer")
CERT_CLEANUP = os.getenv("CERT_CLEANUP", "false").lower() in ("yes", "true", "t", "1") CERT_CLEANUP = os.getenv("CERT_CLEANUP", "false").lower() in ("yes", "true", "t", "1")
PATCH_SECRETNAME = os.getenv("PATCH_SECRETNAME", "false").lower() in ("yes", "true", "t", "1") PATCH_SECRETNAME = os.getenv("PATCH_SECRETNAME", "false").lower() in ("yes", "true", "t", "1")
SUPPORT_LEGACY_CRDS = os.getenv("SUPPORT_LEGACY_CRDS", "true").lower() in ("yes", "true", "t", "1")
def safe_get(obj, keys, default=None): def safe_get(obj, keys, default=None):
@ -38,10 +38,10 @@ def create_certificate(crds, namespace, secretname, routes):
Create a certificate request for certmanager based on the IngressRoute Create a certificate request for certmanager based on the IngressRoute
""" """
try: try:
secret = crds.get_namespaced_custom_object(CERT_GROUP, CERT_VERSION, namespace, CERT_PLURAL, secretname) assert crds.get_namespaced_custom_object(CERT_GROUP, CERT_VERSION, namespace, CERT_PLURAL, secretname)
logging.info(f"{secretname} : certificate request already exists.") logging.info(f"{secretname} : certificate request already exists.")
return return
except ApiException as e: except ApiException:
pass pass
for route in routes: for route in routes:
@ -147,19 +147,25 @@ def main():
signal.signal(signal.SIGINT, exit_gracefully) signal.signal(signal.SIGINT, exit_gracefully)
signal.signal(signal.SIGTERM, exit_gracefully) signal.signal(signal.SIGTERM, exit_gracefully)
# deprecated traefik CRD # new traefik CRD
th1 = threading.Thread(target=watch_crd, args=("traefik.containo.us", "v1alpha1", "ingressroutes"), daemon=True) th1 = threading.Thread(target=watch_crd, args=("traefik.io", "v1alpha1", "ingressroutes"), daemon=True)
th1.start() th1.start()
# new traefik CRD if SUPPORT_LEGACY_CRDS:
th2 = threading.Thread(target=watch_crd, args=("traefik.io", "v1alpha1", "ingressroutes"), daemon=True) # deprecated traefik CRD
th2 = threading.Thread(target=watch_crd, args=("traefik.containo.us", "v1alpha1", "ingressroutes"), daemon=True)
th2.start() th2.start()
# wait for threads to finish # wait for threads to finish
while th1.is_alive() and th2.is_alive(): while th1.is_alive() and th2.is_alive():
th1.join(0.1) th1.join(0.1)
th2.join(0.1) th2.join(0.1)
logging.info(f"One of the threads exited {th1.is_alive()}, {th2.is_alive()}") logging.info(f"traefik.containo.us/v1alpha1/ingressroutes watcher exited {th2.is_alive()}")
else:
# wait for threads to finish
while th1.is_alive():
th1.join(0.1)
logging.info(f"traefik.io/v1alpha1/ingressroutes watcher exited {th1.is_alive()}")
if __name__ == '__main__': if __name__ == '__main__':

2
requirements.txt
View file

@ -1 +1 @@
kubernetes kubernetes==31.x