search

fiaas / fiaas-deploy-daemon

fiaas-deploy-daemon is the core component of the FIAAS platform
https://fiaas.github.io/
Apache License 2.0
55 stars 31 forks source link

Add a parameter to limit the number of subdomains when TLS is enabled #239

Open herodes1991 opened 6 months ago

herodes1991 commented 6 months ago

Recently our ACME provider add a limit for the number of subdomains a certificate can have.

Keeping in mind that this is a typical thing in the ACME providers, can we include a parameter to actually limit the number of subdomains a TLS Ingress can have in the host? Something like --limit-of-subdomains-per-tls=N and prevent the IngressDeployer to fail-fast without modifying the actual Ingresses.

WDYT? Did it make sense guys? @fiaas/maintainers

oyvindio commented 6 months ago

I'm not sure if it makes sense, but could it be an option to enforce such a limit even before the Application resource is created?

How would deployment of an application where limit-of-subdomains-per-tls is exceeded be handled? Update all other resources (which could in some cases include other ingresses) and then fail the deployment before updating the offending ingress?

I don't have a strong opinion against adding the feature as such, so if it is not possible to do "on the outside" I suppose it makes sense.