h3poteto / aws-global-accelerator-controller

A Kubernetes controller for Global Accelerators and Route53
Apache License 2.0
26 stars 8 forks

Why require cert-manager? #207

Open icco opened 1 month ago

icco commented 1 month ago

None of our other helmcharts that have webhooks require certmanager. Could you explain more in the readme why this is required or make it optional?

h3poteto commented 1 month ago

Because this controller uses a webhook server for validation. We need a certificate to deploy webhook servers, and cert-manager makes it easy to manage certificates. If you don't need validation, you can skip cert-manager, but I don't recommend it.

icco commented 1 month ago

Right now this Helm chart fails to install on clusters without cert-manager.

h3poteto commented 1 month ago

Yes, I don't recommend it.

icco commented 1 month ago

Would you be open to a PR to your helm chart to allow the webhook to run without certmanager? Is certmanager required by the code anywhere, or just so the webhook has a certificate on it?

h3poteto commented 1 month ago

> Is certmanager required by the code anywhere

No, but it will no longer be validated. Is it okay?

icco commented 1 month ago

I created https://github.com/h3poteto/aws-global-accelerator-controller/pull/209 as a proposal for allowing running the webhook without SSL.

h3poteto commented 1 month ago

BTW, what happens if you disable the webhook in the Helm chart? https://github.com/h3poteto/charts/tree/master/stable/aws-global-accelerator-controller

Should I open a PR to use an HTTP webhook?

icco commented 1 month ago

@h3poteto I took a pass at it with https://github.com/h3poteto/charts/pull/117. I haven't done much helm chart configuration before, so if there are things I should adjust please let me know. I'll be able to test it tomorrow when I'm back at work.
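
One way a chart can give a validating webhook a certificate without cert-manager, shown as an added example that is not part of this thread, the chart, or either PR: Helm's built-in `genCA` and `genSignedCert` functions issue a CA and a serving certificate at render time. The API server calls admission webhooks over HTTPS and verifies the serving certificate against `caBundle` for the name `<service>.<namespace>.svc`. The values key `webhook.selfSigned`, the resource names, the webhook name, path and rule are all assumptions.

```yaml
{{- /* Added example. Values key, names, path and rule are hypothetical, not the chart's own. */ -}}
{{- if .Values.webhook.selfSigned }}
{{- $svc := printf "%s-webhook" .Release.Name }}
{{- $host := printf "%s.%s.svc" $svc .Release.Namespace }}
{{- /* CA that signs the serving certificate; valid for 365 days */ -}}
{{- $ca := genCA (printf "%s-ca" $svc) 365 }}
{{- /* Serving certificate whose SANs match the webhook Service DNS name */ -}}
{{- $cert := genSignedCert $host (list) (list $host (printf "%s.cluster.local" $host)) 365 $ca }}
apiVersion: v1
kind: Secret
metadata:
  name: {{ $svc }}-tls
  namespace: {{ .Release.Namespace }}
type: kubernetes.io/tls
data:
  # Mounted by the webhook server as its TLS certificate and key
  tls.crt: {{ $cert.Cert | b64enc }}
  tls.key: {{ $cert.Key | b64enc }}
---
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
  name: {{ $svc }}
webhooks:
  - name: validate.example.invalid   # placeholder webhook name
    admissionReviewVersions: ["v1"]
    sideEffects: None
    failurePolicy: Fail
    clientConfig:
      # The API server trusts only certificates that chain to this CA
      caBundle: {{ $ca.Cert | b64enc }}
      service:
        name: {{ $svc }}
        namespace: {{ .Release.Namespace }}
        path: /validate              # placeholder path
    rules:                           # placeholder rule; use the chart's real rules
      - apiGroups: [""]
        apiVersions: ["v1"]
        operations: ["CREATE", "UPDATE"]
        resources: ["services"]
{{- end }}
```

Because `genCA` runs on every render, each `helm upgrade` issues a new CA and serving certificate; rendering the Secret and `caBundle` from the same template keeps them matched, and the webhook pod has to pick up the updated Secret.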