Open xcompass opened 6 years ago
I also have this issue, would be so nice to have this working
same issue :-/
I can work on this issue, but i dont know why is TlsIgnoreDuplicatedSecrets
necessary. Some pointers would be perfect.
I think it tries to avoid to renew the same cert twice. However, when there are multiple ingresses using the same cert, instead of leaving one entry to renew, it just ignore all entries: https://github.com/jetstack/kube-lego/blob/master/pkg/kubelego/configure.go#L34.
I think the correct logic for the section above is to append one entry to output
and ignore the rest.
Currently, certificates referenced by multiple ingress are ignored completely by this function: https://github.com/jetstack/kube-lego/blob/master/pkg/kubelego/configure.go#L11
My use case is: I have two services sharing the same domain but different path. One service requires basic auth and the other one requires no auth. So I can't use one ingress to implement this. I have to use two ingresses with the same host name. But this implementation will trigger the this issue in kube-lego so that the cert can't be renewed.
Any reason why the certs can't be renewed when shared?