This is an unofficial webhook solver for Cert Manager and Porkbun.
-
Deploy the webhook:
helm install porkbun-webhook ./deploy/porkbun-webhook \ --set groupName=<your group> --namespace=cert-manager
-
Create a secret containing your API key:
kubectl create secret generic porkbun-key \ --from-literal=api-key=<your key> \ --from-literal=secret-key=<your key>
-
Create a role and role binding:
kubectl apply -f rbac.yaml
-
Configure a certificate issuer:
apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: name: letsencrypt spec: acme: server: https://acme-v02.api.letsencrypt.org/directory email: <your e-mail> privateKeySecretRef: name: letsencrypt-key solvers: - selector: dnsZones: - <your domain> dns01: webhook: groupName: <your group> solverName: porkbun config: apiKeySecretRef: name: porkbun-key key: api-key secretKeySecretRef: name: porkbun-key key: secret-key
All DNS providers must run the DNS01 provider conformance testing suite, else they will have undetermined behaviour when used with cert-manager.
It is essential that you configure and run the test suite when creating a DNS01 webhook.
To run the tests, first put your api key into testdata/porkbun-solver/porkbun-secret.yaml.
Then you can run the test suite with:
TEST_ZONE_NAME=<your domain>. make test