extend readme

CodingWizKid · CodingWizKid · commit 381dbe470a30 · 2023-08-30T08:20:21.000+02:00
diff --git a/README.md b/README.md
@@ -2,12 +2,12 @@
 [![GoTemplate](https://img.shields.io/badge/go/template-black?logo=go)](https://github.com/golang-standards/project-layout)
 [![Go](https://img.shields.io/badge/go-1.21.0-blue?logo=go)](https://golang.org/)
 [![Helm](https://img.shields.io/badge/helm-3.12.3-blue?logo=helm)](https://helm.sh/)
-[![Kubernetes](https://img.shields.io/badge/kubernetes-1.28.0-blue?logo=kubernetes)](https://kubernetes.io/)
-[![Cert Manager](https://img.shields.io/badge/cert--manager-1.12.3-blue?logo=cert-manager)](https://cert-manager.io/)
+[![Kubernetes](https://img.shields.io/badge/kubernetes-1.26.0-blue?logo=kubernetes)](https://kubernetes.io/)
+[![Cert Manager](https://img.shields.io/badge/cert--manager-1.11.0-blue?logo=cert-manager)](https://cert-manager.io/)
 [![Releases](https://img.shields.io/github/v/release/stackitcloud/stackit-cert-manager-webhook?include_prereleases)](https://github.com/stackitcloud/stackit-cert-manager-webhook/releases)
-[![CI](https://github.com/stackitcloud/stackit-api-manager-cli/actions/workflows/main.yml/badge.svg)](https://github.com/stackitcloud/stackit-cert-manager-webhook/actions/workflows/main.yml)
+[![CI](https://github.com/stackitcloud/stackit-cert-manager-webhook/actions/workflows/main.yml/badge.svg)](https://github.com/stackitcloud/stackit-cert-manager-webhook/actions/workflows/main.yml)
 [![Semgrep](https://github.com/stackitcloud/stackit-api-manager-cli/actions/workflows/semgrep.yml/badge.svg)](https://github.com/stackitcloud/stackit-cert-manager-webhook/actions/workflows/semgrep.yml)
-[![Go Report Card](https://goreportcard.com/badge/github.com/stackitcloud/stackit-api-manager-cli)](https://goreportcard.com/report/github.com/stackitcloud/stackit-cert-manager-webhook)
+[![Go Report Card](https://goreportcard.com/badge/github.com/stackitcloud/stackit-cert-manager-webhook)](https://goreportcard.com/report/github.com/stackitcloud/stackit-cert-manager-webhook)
 
 Facilitate a webhook integration for leveraging the STACKIT DNS alongside 
 its [API](https://docs.api.stackit.cloud/documentation/dns/version/v1) to act as a DNS01 
@@ -43,11 +43,11 @@ For scenarios wherein zones and record sets are encapsulated within a singular p
           name: letsencrypt-prod
         solvers:
         - dns01:
-          webhook:
-            solverName: stackit
-            groupName: stackit.de
-            config:
-              projectId: <STACKIT PROJECT ID>
+            webhook:
+              solverName: stackit
+              groupName: stackit.de
+              config:
+                projectId: <STACKIT PROJECT ID>
     ```
 
     For diverse project architectures where zones are spread across varying projects, necessitating distinct 
@@ -72,15 +72,60 @@ For scenarios wherein zones and record sets are encapsulated within a singular p
           name: letsencrypt-prod
         solvers:
         - dns01:
-          webhook:
-            solverName: stackit
-            groupName: stackit.de
-            config:
-              projectId: <STACKIT PROJECT ID>
-              authTokenSecretNamespace: default
+            webhook:
+              solverName: stackit
+              groupName: stackit.de
+              config:
+                projectId: <STACKIT PROJECT ID>
+                authTokenSecretNamespace: default
     ```
     *Note:* Ensure the creation of an authentication token secret within the namespace linked to the issuer. 
     The secret must be vested with permissions to access zones in the stipulated project configuration.
+3. ***Demonstration of Ingress Integration with Wildcard SSL/TLS Certificate Generation***   
+Given the preceding configuration, it is possible to exploit the capabilities of the Issuer or ClusterIssuer to 
+dynamically produce wildcard SSL/TLS certificates in the following manner:
+    ```yaml
+    apiVersion: cert-manager.io/v1
+    kind: Certificate
+    metadata:
+      name: wildcard-example
+      namespace: default
+    spec:
+      secretName: wildcard-example-tls
+      issuerRef:
+        name: letsencrypt-prod
+        kind: Issuer
+      commonName: '*.example.runs.onstackit.cloud' # project must be the owner of this zone
+      duration: 8760h0m0s
+      dnsNames:
+        - example.runs.onstackit.cloud
+        - '*.example.runs.onstackit.cloud'
+    ---
+    apiVersion: networking.k8s.io/v1
+    kind: Ingress
+    metadata:
+      name: app-ingress
+      namespace: default
+      annotations:
+        ingress.kubernetes.io/rewrite-target: /
+        kubernetes.io/ingress.class: "nginx"
+    spec:
+      rules:
+        - host: "app.example.runs.onstackit.cloud"
+          http:
+            paths:
+              - path: /
+                pathType: Prefix
+                backend:
+                  service:
+                    name: webapp
+                    port:
+                      number: 80
+      tls:
+        - hosts:
+            - "app.example.runs.onstackit.cloud"
+          secretName: wildcard-example-tls
+    ```
 
 ## Test Procedures
 - Unit Testing:
