-
Notifications
You must be signed in to change notification settings - Fork 110
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix ingress annotation and cert-manager configuration 👼 #152
Fix ingress annotation and cert-manager configuration 👼 #152
Conversation
@@ -7,8 +7,8 @@ spec: | |||
email: dlorenc@google.com | |||
privateKeySecretRef: | |||
name: letsencrypt-prod | |||
server: https://acme-staging-v02.api.letsencrypt.org/directory |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This was problematic as the generated cert was fake
prow/ingress.yaml
Outdated
@@ -2,7 +2,7 @@ apiVersion: extensions/v1beta1 | |||
kind: Ingress | |||
metadata: | |||
annotations: | |||
cert-manager.io/acme-http01-edit-in-place: "true" | |||
acme.cert-manager.io/acme-http01-edit-in-place: "true" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This was blocking the actual cert generation as cert-manager
was trying to create an additionnal ingress and thus, the HTTP challenge was always 404
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this should be acme.cert-manager.io/http01-edit-in-place: "true"
?
https://cert-manager.io/docs/tutorials/acme/ingress/
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yes.. I forgot to push my last change 😂
I think it really fixed it 👼 /cc @bobcatfish @dibyom |
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for this!
One question before it's merged.
prow/ingress.yaml
Outdated
@@ -2,7 +2,7 @@ apiVersion: extensions/v1beta1 | |||
kind: Ingress | |||
metadata: | |||
annotations: | |||
cert-manager.io/acme-http01-edit-in-place: "true" | |||
acme.cert-manager.io/acme-http01-edit-in-place: "true" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this should be acme.cert-manager.io/http01-edit-in-place: "true"
?
https://cert-manager.io/docs/tutorials/acme/ingress/
This is what was required (with some crazy, not useful hack on my part 😹) to fix https on prow.tekton.dev Signed-off-by: Vincent Demeester <vdemeest@redhat.com>
6e7eb30
to
d45887d
Compare
/lgtm Whoops! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you!
/lgtm
/approve
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: afrittoli, dibyom The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Changes
This is what was required (with some crazy, not useful hack on my part
😹) to fix https on prow.tekton.dev
As follow-up, we need a little bit more docs/link to help debug potential problems 👼
Signed-off-by: Vincent Demeester vdemeest@redhat.com
Submitter Checklist
These are the criteria that every PR should meet, please check them off as you
review them:
See the contribution guide
for more details.