search

epinio / helm-charts

Epinio Helm chart
https://epinio.github.io/helm-charts/
2 stars 15 forks source link

Incorrect ClusterIssuer for Traefik ingress controller #482

Closed phantasia15 closed 1 year ago

phantasia15 commented 1 year ago

Is there an existing issue for this?

Current Behavior

Hi, currently the following default ClusterIssuer will be created:

apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt-production
spec:
   ...
          ingressTemplate:
            metadata:
              annotations:
                traefik.ingress.kubernetes.io/router.entrypoints: websecure
                traefik.ingress.kubernetes.io/router.tls: "true"
   ...

The above annotations will instruct traefik to create a HTTPS-only route at /.well-known/acme-challenge/.... This won't work as the acme challenge is done with a HTTP route. 

kubectl get certificate
NAME              READY   SECRET                AGE
dex-tls           False    dex-tls               106m
epinio            False    epinio-tls            106m
epinio-registry   True    epinio-registry-tls   106m
minio-cert        True    minio-tls             106m

Expected Behavior

The annotations should be removed from the ingressTemplate.

Steps To Reproduce

No response

Environment

- OS: Linux
- Architecture: amd64
- Epinio Version: 1
- Cluster:
  - Provider:
  - Options:
  - Kubernetes Version:

Logs

No response

Anything else?

No response