certs are only valid for a few months.

[ramonskie]

certificates are only valid for 3 months even if you set 10 year. the secret manager quarks has been discontinued. so we need to either revive this project. or find an alternative for our secrets and certs

[ramonskie]

candidates?

• https://github.com/awcator/quarks-secret
• https://github.com/vikramraodp/quarks-secret

[ramonskie]

more issues found with quarks-secret. it seems its using a deprecated api see https://kubernetes.io/docs/reference/using-api/deprecation-guide/#certificatesigningrequest-v122 and https://github.com/cloudfoundry-incubator/quarks-secret/search?q=v1beta1

[ramonskie]

investigate https://github.com/vmware-tanzu/carvel-secretgen-controller

this seems to be a good replacement. but we need to wait for the following https://github.com/vmware-tanzu/carvel-secretgen-controller/issues/70 see also https://kubernetes.slack.com/archives/CH8KCCKA5/p1657197288034929

[ramonskie]

we moved to carvel for generating our secrets and certs