gitpod-io · roboquat · Jul 21, 2022 · Jul 21, 2022 · Jul 21, 2022
diff --git a/install/installer/go.mod b/install/installer/go.mod
@@ -21,7 +21,7 @@ require (
 	github.com/gitpod-io/gitpod/ws-proxy v0.0.0-00010101000000-000000000000
 	github.com/go-playground/validator/v10 v10.9.0
 	github.com/google/go-cmp v0.5.8
-	github.com/jetstack/cert-manager v1.4.4
+	github.com/jetstack/cert-manager v1.5.0
 	github.com/mikefarah/yq/v4 v4.25.3
 	github.com/replicatedhq/kots v1.67.0
 	github.com/sirupsen/logrus v1.8.1
@@ -45,8 +45,8 @@ require (
 	cloud.google.com/go/storage v1.22.0 // indirect
 	github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
 	github.com/Azure/go-autorest v14.2.0+incompatible // indirect
-	github.com/Azure/go-autorest/autorest v0.11.18 // indirect
-	github.com/Azure/go-autorest/autorest/adal v0.9.13 // indirect
+	github.com/Azure/go-autorest/autorest v0.11.19 // indirect
+	github.com/Azure/go-autorest/autorest/adal v0.9.14 // indirect
 	github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect
 	github.com/Azure/go-autorest/logger v0.2.1 // indirect
 	github.com/Azure/go-autorest/tracing v0.6.0 // indirect

diff --git a/install/installer/go.sum b/install/installer/go.sum
diff --git a/install/installer/pkg/components/cluster/certmanager.go b/install/installer/pkg/components/cluster/certmanager.go
@@ -53,6 +53,9 @@ func certmanager(ctx *common.RenderContext) ([]runtime.Object, error) {
 					Kind:  "Issuer",
 					Group: "cert-manager.io",
 				},
+				SecretTemplate: &v1.CertificateSecretTemplate{
+					Labels: common.DefaultLabels(Component),
+				},
 			},
 		},
 		// Set the CA to our issuer

diff --git a/install/installer/pkg/components/docker-registry/certificate.go b/install/installer/pkg/components/docker-registry/certificate.go
@@ -6,6 +6,7 @@ package dockerregistry
 
 import (
 	"fmt"
+
 	"github.com/gitpod-io/gitpod/installer/pkg/common"
 	certmanagerv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1"
 	cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1"
@@ -37,6 +38,9 @@ func certificate(ctx *common.RenderContext) ([]runtime.Object, error) {
 			DNSNames: []string{
 				fmt.Sprintf("registry.%s.svc.cluster.local", ctx.Namespace),
 			},
+			SecretTemplate: &certmanagerv1.CertificateSecretTemplate{
+				Labels: common.DefaultLabels(Component),
+			},
 		},
 	}}, nil
 }
@@ -33,6 +33,9 @@ func certificate(ctx *common.RenderContext) ([]runtime.Object, error) {
 			DNSNames: []string{
 				fmt.Sprintf("reg.%s", ctx.Config.Domain),
 			},
+			SecretTemplate: &certmanagerv1.CertificateSecretTemplate{
+				Labels: common.DefaultLabels(Component),
+			},
 		},
 	}}, nil
 }
@@ -36,6 +36,9 @@ func tlssecret(ctx *common.RenderContext) ([]runtime.Object, error) {
 					Kind:  "Issuer",
 					Group: "cert-manager.io",
 				},
+				SecretTemplate: &certmanagerv1.CertificateSecretTemplate{
+					Labels: common.DefaultLabels(Component),
+				},
 			},
 		},
 	}, nil

diff --git a/install/installer/pkg/components/ws-manager/tlssecret.go b/install/installer/pkg/components/ws-manager/tlssecret.go
@@ -49,6 +49,9 @@ func tlssecret(ctx *common.RenderContext) ([]runtime.Object, error) {
 					Kind:  "Issuer",
 					Group: "cert-manager.io",
 				},
+				SecretTemplate: &certmanagerv1.CertificateSecretTemplate{
+					Labels: common.DefaultLabels(Component),
+				},
 			},
 		},
 		&certmanagerv1.Certificate{
@@ -67,6 +70,9 @@ func tlssecret(ctx *common.RenderContext) ([]runtime.Object, error) {
 					Kind:  "Issuer",
 					Group: "cert-manager.io",
 				},
+				SecretTemplate: &certmanagerv1.CertificateSecretTemplate{
+					Labels: common.DefaultLabels(Component),
+				},
 			},
 		},
 	}, nil

@@ -19,3 +19,7 @@ spec:
     - '{{repl ConfigOption "domain" }}'
     - '*.{{repl ConfigOption "domain" }}'
     - '*.ws.{{repl ConfigOption "domain" }}'
+  secretTemplate:
+    labels:
+      app: gitpod
+      component: gitpod-installer