Closed sleshchenko closed 3 years ago
Initially, we used Che specific job that simply uses openssl to create certificates. It's better to use https://github.com/newrelic/k8s-webhook-cert-manager or https://github.com/jet/kube-webhook-certgen(used by nginx ingress controller).
At the time we'll have DevWorkspace Operator it may not be actual anymore and we may fully rely on OLM for certificates for webhook server but we'll see. I even am glad to see any better propose an alternative.
Update:
point to the last documentation about webhooks in Kubebuilder, which is now completely the basis of the new OperatorSDK 1.0: https://book.kubebuilder.io/cronjob-tutorial/running.html and https://book.kubebuilder.io/cronjob-tutorial/cert-manager.html
I believe this issue can be closed, as webhooks strongly encourage us to use cert-manager (k8s) and the service-ca operator (OpenShift).
Initially, we used Che specific job that simply uses openssl to create certificates. It's better to use https://github.com/newrelic/k8s-webhook-cert-manager or https://github.com/jet/kube-webhook-certgen(used by nginx ingress controller).
At the time we'll have DevWorkspace Operator it may not be actual anymore and we may fully rely on OLM for certificates for webhook server but we'll see. I even am glad to see any better propose an alternative.
Update: