Installing Wildcard certificate in CD environments

Because we are limited to 50 domain names per week with Let's encrypt, the continuous delivery environment is pretty fast failing to get new certificates. We need to download a Wilcard certificate instead for the CD environments.
2021-06-11 11:57:27 +02:00 · 2021-06-11 11:57:27 +02:00 · 9330a3ec89
parent c44d453f20
commit 9330a3ec89
1 changed files with 15 additions and 0 deletions
--- a/.github/workflows/build-and-deploy.yml
+++ b/.github/workflows/build-and-deploy.yml
@ -149,6 +149,21 @@ jobs:
      # Create a slugified value of the branch
      - uses: rlespinasse/github-slug-action@3.1.0

+      - name: Write certificate
+        run: echo "${CERTS_PRIVATE_KEY}" > secret.key
+        env:
+          CERTS_PRIVATE_KEY: ${{ secrets.CERTS_PRIVATE_KEY }}
+
+      - name: Download certificate
+        run: mkdir secrets && scp -i secret.key ubuntu@cert.workadventu.re:./config/live/workadventu.re/* secrets/
+
+      - name: Install certificates in namespace
+        uses: steebchen/kubectl@v1.0.0
+        env:
+          KUBE_CONFIG_DATA: ${{ secrets.KUBE_CONFIG_FILE }}
+        with:
+          args: -n workadventure-${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }} create secret tls certificate-tls --key="secrets/privkey.pem" --cert="secrets/fullchain.pem"
+
      - name: Deploy
        uses: thecodingmachine/deeployer-action@master
        env: