Certificate Manager Kubernetes RA docs are out of date

[tashian]

This tutorial is out of date:

https://smallstep.com/docs/registration-authorities/acme-for-certificate-manager#run-a-registration-authority-on-kubernetes

The proper process should be:

https://github.com/smallstep/helm-charts/tree/master/step-certificates#tldr https://github.com/smallstep/helm-charts/tree/master/step-certificates/examples#registration-authority-connected-to-smallstep-certificate-manager-hosted-certificate-authority

More context in the Discord:

https://discord.com/channels/837031272227930163/841249977699401759/1037518365301940244

[hslatman]

@tashian in addition to starting a basic CA config with Helm, I've now also done an RA. It seems the new way (step ca init --helm) doesn't respect all options, so we should fix that in the CLI (and step-ca). I had to manually edit the generated values.yml to make it work as a stepcas authority. You can find some more context about this further down the Discord chat.

It appears that @maraino also thought about this case: https://github.com/smallstep/cli/issues/598 😄

The Helm changes look similar to the things I've recently done for --acme and --remote-management. I can probably give this a shot soon 🙂

[dopey]

https://github.com/smallstep/helm-charts/pull/125

[tashian]

Hi @hslatman, just checking back on this one. I just revisited step-issuer and autocert, so this would be a good time for me to do a cycle on these Helm RA docs. If you think you'll get to this issue soon, then I'll wait. Otherwise, I will go ahead and update the docs based on the current situation and the workaround you mentioned in Discord.

[hslatman]

If you don't have to spend hours on changing the docs for the current situation, then I think that's the best option now. It's been a while since I looked at this, so it probably takes a bit to get up steam again and I have some higher priority things scheduled first.