Closed corvus-ch closed 2 years ago
@corvus-ch, the component currently has some logic to configure acme-based default certificates for OCP4 on cloud providers which have DNS APIs, cf. https://github.com/appuio/component-openshift4-ingress/blob/8fef0c90206844f7647da64efe208a80c2b98d2b/component/main.jsonnet#L28-L47
Should we try to extend the existing logic with the changes required for this issue, or can we safely drop the existing logic?
[…] Should we try to extend the existing logic with the changes required for this issue, or can we safely drop the existing logic?
Try to work with the existing logic. As far as I remember, it justs assumes a working cert manager setup. As we now provide one, it shoud just work ™️
Context
The property
defaultCertificate
of an ingress takes the name of a Secret containing the certificate can key to be used by default. As of now, the component does not allow to manage those secretes. The component should allow to configure those secrets. It should also support to usecert-manager
to create those secrets.Reuse keys in
cert_manager_certs
as values forspec.secretName
of the createdCertificate
resource by default, but allow users to override that field from the hierarchy, if they really want.Alternatives
🤷🏼