TLS with estafette controller

For Estafette CI to work it needs to be secured using https, which requires a valid TLS certificate. This can be dealt with by using estafette-letsencrypt-controller.

To install it in your cluster run the following commands:

helm repo add estafette https://helm.estafette.io
helm upgrade --install estafette-letsencrypt-certificate estafette/estafette-letsencrypt-certificate -n estafette --create-namespace --set secret.cloudflareApiEmail=<cloudflare account email address> --set secret.cloudflareApiKey=<cloudflare api key>

To generate a tls secret used by the ingresses use the following values.yaml

api:
  tls:
    enabled: true
    annotations:
      estafette.io/letsencrypt-certificate: true
      estafette.io/letsencrypt-certificate-hostnames: '{{ $.Values.baseHost }},{{ $.Values.integrationsHost }}'

and apply this with

helm upgrade --install estafette-ci estafette/estafette-ci -n estafette-ci --create-namespace --timeout 600s --values values.yaml