X-Git-Url: https://osm.etsi.org/gitweb/?a=blobdiff_plain;ds=sidebyside;f=installers%2Fcharm%2Fnbi%2Fsrc%2Fcharm.py;h=1f5812afc895096996a6d692e1dc240b03960c47;hb=refs%2Fchanges%2F19%2F10719%2F2;hp=9d62fe2fcbc4082430bb1d37658b5c72f92eaece;hpb=49379ced23b5e344a773ce77ac9cb59c1864e19b;p=osm%2Fdevops.git

diff --git a/installers/charm/nbi/src/charm.py b/installers/charm/nbi/src/charm.py
index 9d62fe2f..1f5812af 100755
--- a/installers/charm/nbi/src/charm.py
+++ b/installers/charm/nbi/src/charm.py
@@ -23,32 +23,25 @@
 # pylint: disable=E0213
 
 
-import logging
-from typing import Optional, NoReturn
 from ipaddress import ip_network
+import logging
+from typing import NoReturn, Optional
 from urllib.parse import urlparse
 
-from ops.main import main
 
+from ops.main import main
 from opslib.osm.charm import CharmedOsmBase, RelationsMissing
-
+from opslib.osm.interfaces.http import HttpServer
+from opslib.osm.interfaces.kafka import KafkaClient
+from opslib.osm.interfaces.keystone import KeystoneClient
+from opslib.osm.interfaces.mongo import MongoClient
+from opslib.osm.interfaces.prometheus import PrometheusClient
 from opslib.osm.pod import (
     ContainerV3Builder,
-    PodSpecV3Builder,
     IngressResourceV3Builder,
+    PodSpecV3Builder,
 )
-
-
-from opslib.osm.validator import (
-    ModelValidator,
-    validator,
-)
-
-from opslib.osm.interfaces.kafka import KafkaClient
-from opslib.osm.interfaces.mongo import MongoClient
-from opslib.osm.interfaces.prometheus import PrometheusClient
-from opslib.osm.interfaces.keystone import KeystoneClient
-from opslib.osm.interfaces.http import HttpServer
+from opslib.osm.validator import ModelValidator, validator
 
 
 logger = logging.getLogger(__name__)
@@ -63,6 +56,7 @@ class ConfigModel(ModelValidator):
     log_level: str
     max_file_size: int
     site_url: Optional[str]
+    cluster_issuer: Optional[str]
     ingress_whitelist_source_range: Optional[str]
     tls_secret_name: Optional[str]
 
@@ -247,6 +241,9 @@ class NbiCharm(CharmedOsmBase):
                     "nginx.ingress.kubernetes.io/whitelist-source-range"
                 ] = config.ingress_whitelist_source_range
 
+            if config.cluster_issuer:
+                annotations["cert-manager.io/cluster-issuer"] = config.cluster_issuer
+
             if parsed.scheme == "https":
                 ingress_resource_builder.add_tls(
                     [parsed.hostname], config.tls_secret_name