search

redhat-cop / cert-utils-operator

Set of functionalities around certificates packaged in a Kubernetes operator
Apache License 2.0
94 stars 35 forks source link

Missing webhook-server-cert Secret when installed with Helm #132

Closed vinzent closed 2 years ago

vinzent commented 2 years ago

Affected Helm chart version: 1.3.9

Detected while upgrading from 1.3.0

When installing with helm, the kube-rbac proxy container wants to mount a webhook-server-cert Secret. Such a secret is not created by Helm.

https://github.com/redhat-cop/cert-utils-operator/blob/master/config/helmchart/templates/manager.yaml#L57-L60

Seems there is a toggle to enableCertManager that will provision this cert by cert-manager.

https://github.com/redhat-cop/cert-utils-operator/blob/master/config/helmchart/templates/certificate.yaml#L1

In https://github.com/redhat-cop/cert-utils-operator/blob/master/config/helmchart/values.yaml.tpl I can't find a reference for that variable.

As there is a secret called webhook-server-cert and RBAC roles allowing {mutating,validating}webhookconfigurations but there is no MutatingWebhookConfiguration or ValidatingWebhookConfiguration rendered by the helm chart: is it missing or will there be some webhooks in the future?

raffaelespazzoli commented 2 years ago

the enableCertManager variable is not documented, but you can use it. I'll add it to the value file the webhooks at the momnent are missing but we create the secret anyway for better alignment with the other operators.