You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, there seems to be no way to add these things to the kops managed cert-manager, so one would be required to manage it by themselves. Ideally, it would be nice to have some way to enable these via kops as well to allow flexibility in that regard.
2. Feel free to provide a design supporting your feature request.
Either supporting a string that's passed or a subset of feature flags would be nice to be able to better support non-native apps on a k8s kops cluster more easily.
The text was updated successfully, but these errors were encountered:
@hakman Hi first of all thanks to the PR. There seems to be a slight bug with it though. The cerrt manager docs say it must also be set on the webhook pod and not just the main pod:
This feature is only enabled by adding it to the --feature-gates flag on the cert-manager controller and webhook components:
However https://cert-manager.io/docs/installation/configuring-components/#feature-gates also mentions that each component has different tables of feature gates. Possibly it should be split up like that in the yaml as well? Should I open a new ticket or reopen this one? (and yes I realise I should have been clearer on that.)
/kind feature
1. Describe IN DETAIL the feature/behavior/change you would like to see.
Cert-manager has some things still behind Feature Gates this specifically is the case for outputting the pem format (see https://cert-manager.io/docs/usage/certificate/#additional-certificate-output-formats ) which some services which don't work k8s native, like ejabberd, require. (See https://github.com/sando38/helm-ejabberd/blob/main/charts/ejabberd/README.md#domain-tls-certificates-and-acme-client for ejabberd specifically).
Currently, there seems to be no way to add these things to the kops managed cert-manager, so one would be required to manage it by themselves. Ideally, it would be nice to have some way to enable these via kops as well to allow flexibility in that regard.
2. Feel free to provide a design supporting your feature request.
Either supporting a string that's passed or a subset of feature flags would be nice to be able to better support non-native apps on a k8s kops cluster more easily.
The text was updated successfully, but these errors were encountered: