maraino
commented
10 months ago Hi @infinitydon, the error that you see (error opening Badger database: manifest has unsupported version: 7 (we support 4).), is caused because the database configuration in the ca.json is set to use badgerv2, but you database was created using badgerv1. If you don't want to get rid of your database you can just change the ca.json ConfigMap (step-certificates-config). You can also use k9s to edit it, it will be way easier.
Regarding the bootstrap script, it is deprecated and it will go away at some point, but it is still the default 😅. The recommended way to configure the chart is using a values.yaml from step ca init --helm:
step ca init --helm > values.yaml
echo "password" | base64 > password.txt
helm install -f values.yaml \
--set inject.secrets.ca_password=$(cat password.txt) \
--set inject.secrets.provisioner_password=$(cat password.txt) \
--set service.targetPort=9000 \
step-certificates smallstep/step-certificatesThis way can change the values.yaml as you wish, it will allow you to replicate the same configuration on a different environment, and provide an easier way to upgrade.
You can see more information in the README.md
I'm closing this issue for now, but feel free to open it if you see any problems.
Hi,
Currently overriding the default values for the step-ca certificate configmap is not straight forward, I simply want to change maxTLSCertDuration from it's default value. I used the following helm command:
But this did not work, I was getting the following errors in the step-ca statefulset:
It seems there are other additional parameters generation that the bootstrap job is doing.
Can we have the procedure of changing specific values like the one I mentioned without breaking the deployment?
Or maybe provide a way to modify the contents of what the bootstrap job will be use to create the required secret/configmaps?
Thanks