Porkbun Webhook solver for Cert Manager

This is an unofficial webhook solver for Cert Manager and Porkbun.

Usage

1. Deploy the webhook:

   helm install porkbun-webhook ./deploy/porkbun-webhook \
       --set groupName=<your group>
   

2. Create a secret containing your API key:

   kubectl create secret generic porkbun-key \
       --from-literal=api-key=<your key> \
       --from-literal=secret-key=<your key>
   

3. Create a role and role binding:

   kubectl apply -f rbac.yaml
   

4. Configure a certificate issuer:

   apiVersion: cert-manager.io/v1
   kind: ClusterIssuer
   metadata:
     name: letsencrypt
   spec:
     acme:
       server: https://acme-v02.api.letsencrypt.org/directory
       email: <your e-mail>
       privateKeySecretRef:
         name: letsencrypt-key
       solvers:
         - selector:
             dnsZones:
               - <your domain>
           dns01:
             webhook:
               groupName: <your group>
               solverName: porkbun
               config:
                 apiKeySecretRef:
                   name: porkbun-key
                   key: api-key
                 secretKeySecretRef:
                   name: porkbun-key
                   key: secret-key

Running the test suite

All DNS providers must run the DNS01 provider conformance testing suite, else they will have undetermined behaviour when used with cert-manager.

It is essential that you configure and run the test suite when creating a DNS01 webhook.

To run the tests, first put your api key into testdata/porkbun-solver/porkbun-secret.yaml.

Then you can run the test suite with:

TEST_ZONE_NAME=<your domain>. make test