charts icon indicating copy to clipboard operation
charts copied to clipboard
verified publisher icon streamnative

[charts/pulsar] Add ability to specify the cert-manager apiVersion

Open pavel-hladik opened this issue 3 years ago • 6 comments

Motivation

Without enabled TLS the helm-controller refuses the helmrelease by the reason:

      Helm install failed: error while running post render on files: map[string]interface {}(nil): yaml: unmarshal errors:
        line 43: mapping key "brokerServiceURL" already defined at line 41
        line 44: mapping key "brokerWebServiceURL" already defined at line 42

This should be solved to enable:

    tls:
      enabled: true
      broker:
        enabled: true

The condition is here. But when trying to use the cert-manager and internal_issuer, the certs are not issued because the templates are using deprecated apiVersion cert-manager.io/v1alpha2.

Modifications

Adding ability to specify the cert-manager apiVersion.

Documentation

  • [x] no-need-doc

I'm not sure if this change needs a docs change.

pavel-hladik avatar Mar 09 '22 11:03 pavel-hladik

@pavel-hladik:Thanks for your contribution. For this PR, do we need to update docs? (The PR template contains info about doc, which helps others know more about the changes. Can you provide doc-related info in this and future PR descriptions? Thanks)

github-actions[bot] avatar Mar 09 '22 11:03 github-actions[bot]

The one question I have is if the schema for the spec section is correct in the "tls-certs-internal.yaml" if you use the newer cert manager?

From what I have found these items in the spec section are not valid with the newer cert-manager.io/v1:

  • organization ( it seems to be under subject.organizations )
  • keySize ( it seems to be under privateKey.size )
  • keyAlgorithm ( it seems to be under privateKey.algorithm )
  • keyEncoding ( it seems to be under privateKey.encoding )

bsheltonihs avatar Mar 09 '22 19:03 bsheltonihs

The one question I have is if the schema for the spec section is correct in the "tls-certs-internal.yaml" if you use the newer cert manager?

From what I have found these items in the spec section are not valid with the newer cert-manager.io/v1:

  • organization ( it seems to be under subject.organizations )
  • keySize ( it seems to be under privateKey.size )
  • keyAlgorithm ( it seems to be under privateKey.algorithm )
  • keyEncoding ( it seems to be under privateKey.encoding )

Hi, pls see my update. I already tested my modification and it works.

pavel-hladik avatar Mar 10 '22 14:03 pavel-hladik

Looks good to me and the quick test I ran on my end worked also! Thanks for the help with this!

bsheltonihs avatar Mar 11 '22 00:03 bsheltonihs

@sijie could you please help verify whether we need to add/update doc for this PR? Thanks

Huanli-Meng avatar Apr 19 '22 02:04 Huanli-Meng

Hi! Any update on this?

hadican avatar Jun 15 '22 10:06 hadican

Close this in favor of #807

maxsxu avatar Feb 24 '23 07:02 maxsxu