chore: Simplify cert-manager certs and support existingIssuer #442
Conversation
| {{- else }} | ||
| cert-manager.io/inject-ca-from-secret: {{ .Release.Namespace }}/{{ .Values.certificates.certManager.caSecretName }} | ||
| {{- end }} | ||
| cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ .Values.operator.name }}-tls-certificates |
There was a problem hiding this comment.
This wasn't configured like its documented inside the cert-manager docs.
I'd suggest to follow 1:1 the docs of cert-manager:
https://cert-manager.io/docs/concepts/ca-injector/#injecting-ca-data-from-a-certificate-resource
There was a problem hiding this comment.
The annotation cert-manager.io/inject-ca-from has the value <namespace-name>/<certificate-name>
In the current implementation of the chart the value is <namespace-name>/<secret-name> which seems also working but it does not follow the documentation.
mkilchhofer
force-pushed
the
feature/existing_cert-manager_issuer
branch
from
cb03763
to
84d5c43
Compare
|
I believe that we will agree with a v3 of the chart. If finally we continue with the new version, I think that it'll be the good moment to address this change too, not needing to maintain backward compatibility |
Signed-off-by: Marco Kilchhofer <[email protected]>
mkilchhofer
force-pushed
the
feature/existing_cert-manager_issuer
branch
from
84d5c43
to
37d7bff
Compare
|
Rebased :-) |
|
I still think that we should work on KEDA chart v3 and remove all this code that we think it's not okey. It brings us the flexibility to break everything. |
I am all in for Charts simplification. I am not sure what we should do with the versioning though...mabye we can even start thinking about KEDA v3? ... there are several proposal that would be breaking and actually great kedacore/keda#4771 |
|
Reusing an existing issuer is now possible via:
Closing my issue now 👍 |
Improve 2 things related to cert-manager certificates:
Somehow related to #371 as this introduced the usage of cert-manager.
Checklist
Fixes #