Closed brunnels closed 5 years ago
Working on a PR to check for empty CertIssuerName in proxy.go and add UrlTemplate to the SSO.spec which will resolve the issuer problem and allow to customize the ingress url.
The secretName doesn't look configurable in exposecontroller, just hardcoded to tlsSecretName = "tls-" + appName
so not worth messing with IMO.
Just tested and jenkinsxio/sso-operator:0.0.0-SNAPSHOT-PR-23-2
is working like I need. I'm able to configure the host to not include the namespace and the issuer is not being set if not defined in the SSO.Spec.
I need the ability to NOT set
certmanager.k8s.io/issuer
annotation on the ingress.I'm using a cert-manager cluster issuer with dns01 defaults set so all my ingress needs is the single
kubernetes.io/tls-acme: 'true'
annotation and spec.tls configured to get a certificate. If thecertmanager.k8s.io/issuer
annotation gets set then no cert will be issued.Quick fix would be don't set if the value isn't present in the SSO spec. Right now it will set an empty value if not defined:
certmanager.k8s.io/issuer: ''
It would also be nice to be able to define the ingress hostname and the tls.secretName from the SSO spec.