amisevsk
commented
3 years ago I believe this issue can be closed, as webhooks strongly encourage us to use cert-manager (k8s) and the service-ca operator (OpenShift).
Closed sleshchenko closed 3 years ago
amisevsk
commented
3 years ago I believe this issue can be closed, as webhooks strongly encourage us to use cert-manager (k8s) and the service-ca operator (OpenShift).
Initially, we used Che specific job that simply uses openssl to create certificates. It's better to use https://github.com/newrelic/k8s-webhook-cert-manager or https://github.com/jet/kube-webhook-certgen(used by nginx ingress controller).
At the time we'll have DevWorkspace Operator it may not be actual anymore and we may fully rely on OLM for certificates for webhook server but we'll see. I even am glad to see any better propose an alternative.
Update: