Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use cert-manager to issue certificate for the capsule webhooks #554

Closed
viveksyngh opened this issue May 6, 2022 · 3 comments · Fixed by #555
Closed

Use cert-manager to issue certificate for the capsule webhooks #554

viveksyngh opened this issue May 6, 2022 · 3 comments · Fixed by #555
Assignees
@MaxFedotov
Labels
enhancement New feature or request
Milestone
v0.1.2

Comments

@viveksyngh
Copy link
Contributor

viveksyngh commented May 6, 2022
edited
Loading

Describe the feature

the generation of the capsule-tls and capsule-ca, we are doing this through built-in controllers in the capsule and trying to
remove any other dependency required for the capsule to run.

But can we make this feature somehow optional and provide another way to provide the tls cert and ca cert? For other operators, we use cert-manager to inject ca and tls certs for webhooks, we would like to use the same thing for the capsule as well. If we can make these controllers optional and the certs path configurable then we can use cert-manager to inject certificates.

#439 (comment)

What would the new user story look like?

What would the new interaction with Capsule look like? E.g.

  1. What are the prerequisites for this?
  2. Tenant owner creates a new Namespace
  3. This is going to be attached to the Tenant
  4. All the magic happens in the background

Feel free to add a diagram if that helps explain things.

Expected behavior

A clear and concise description of what you expect to happen.
@viveksyngh viveksyngh added the blocked-needs-validation Issue need triage and validation label May 6, 2022
@MaxFedotov
Copy link
Collaborator

@viveksyngh funny thing is that i've just wrote the same thing to @prometherion yesterday :)
Already working on PR, will be ready today or on Monday

@viveksyngh
Copy link
Contributor Author

Yeah, we had the same issue and discussed that solution some time back. here #439 . Happy to review and test it once you have the MR ready.

@MaxFedotov MaxFedotov mentioned this issue May 6, 2022
Merged
@MaxFedotov
Copy link
Collaborator

@viveksyngh done, tested locally and everything is ok

@prometherion prometherion added enhancement New feature or request and removed blocked-needs-validation Issue need triage and validation labels May 23, 2022
@prometherion prometherion added this to the v0.1.2 milestone May 23, 2022
@MaxFedotov MaxFedotov mentioned this issue Jun 2, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@MaxFedotov MaxFedotov

Labels
enhancement New feature or request
Projects
None yet
Milestone
v0.1.2
Development

Successfully merging a pull request may close this issue.

support cert-manager for generating tls and ca wgsateam/capsule
3 participants
@viveksyngh @prometherion @MaxFedotov