Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[bitnami/contour] Allow replacing certgen with cert-manager #29416

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

[bitnami/contour] Allow replacing certgen with cert-manager #29416

wants to merge 4 commits into from
+108 −13

Conversation

tsaarni
Copy link

@tsaarni tsaarni commented Sep 14, 2024
edited
Loading

Description of the change

This update introduces a new option, useCertManager. When set to true, it replaces Contour's certgen with cert-manager by deploying Issuer and Certificate resources to issue TLS certificates for communication between Contour and Envoy. The default value is false.

Benefits

Cert-manager automates certificate life-cycle management, including renewal before expiration. Certgen, on the other hand, issues certificates with a 1-year validity period and does not support automatic rotation.

Possible drawbacks

Enabling this option introduces a dependency on cert-manager.

Applicable issues

Additional information

Checklist

  • Chart version bumped in Chart.yaml according to semver. This is not necessary when the changes only affect README.md files.
  • Variables are documented in the values.yaml and added to the README.md using readme-generator-for-helm
  • Title of the pull request follows this pattern [bitnami/<name_of_the_chart>] Descriptive title
  • All commits signed off and in agreement of Developer Certificate of Origin (DCO)

@github-actions github-actions bot added contour triage Triage is needed labels Sep 14, 2024
@tsaarni tsaarni mentioned this pull request Sep 14, 2024
Closed
@tsaarni
[bitnami/contour] Allow replacing certgen with cert-manager
14f8a95 
* Add an option to use cert-manager to issue certificates for TLS connection
  between Contour and Envoy.

Signed-off-by: Tero Saarni <[email protected]>
@tsaarni tsaarni marked this pull request as ready for review September 15, 2024 06:08
@carrodher carrodher added verify Execute verification workflow for these changes in-progress labels Sep 15, 2024
@github-actions github-actions bot removed the triage Triage is needed label Sep 15, 2024
@github-actions github-actions bot removed the request for review from javsalgar September 15, 2024 08:51
@bitnami-bot
Update CHANGELOG.md
59d829b 
Signed-off-by: Bitnami Containers <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@migruiz4 migruiz4 Awaiting requested review from migruiz4

At least 1 approving review is required to merge this pull request.

Assignees

@migruiz4 migruiz4

Labels
contour in-progress verify Execute verification workflow for these changes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[bitnami/contour] I want to use CertManager without using certgen in contour.
5 participants
@tsaarni @javsalgar @carrodher @migruiz4 @bitnami-bot