WIP: Kubectl cert manager install #633
Conversation
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
jetstack-bot
added
do-not-merge/work-in-progress
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: wallrj The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
There was a problem hiding this comment.
TODO:
- Investigate and discuss the VMWare Veloro CRD upgrade solution:
helm upgradedoes not upgrade the CRDs vmware-tanzu/helm-charts#197 - Create an issue about documenting that CRs are garbage collected when the CRDs are removed: https://cert-manager.io/docs/installation/uninstall/kubernetes/
- Followup on the various forked cert-manager charts mentioned in install CRDs with helm cert-manager#2646
- Find out what Helm have done regarding CRD support since closing: Allow patching/updating CRD resources after first install helm/helm#7735
- Investigate how Linkerd handle CRD installation with Helm : https://linkerd.io/2.10/tasks/install-helm/
- Investigate whether Linkerd install is documented as the preferred install method:https://linkerd.io/2.10/reference/cli/install/
| `kubectl cert-manager install` forms part of a larger planned toolset. | ||
| In cert-manager v1.6 we anticipate a `kubectl cert-manager upgrade` command | ||
| which will convert "stored" version of resources for compatibility with the removal of old API versions in `v1.6`. | ||
| We argue that it would be unbalanced to have an upgrade command without a corresponding install command. |
There was a problem hiding this comment.
| There are various problems with the way Helm manages the installation, upgrading and uninstallation of projects with CRDs. | ||
| Helm recommend putting CRD manifests in a separate `crds/` directory in the chart, | ||
| so that it knows to install those before installing the rest of the chart manifests. | ||
| But cert-manager doesn't follow that recommendation because: |
There was a problem hiding this comment.
Link to helm/helm#7735
OR
Consider expanding https://cert-manager.io/docs/contributing/policy/#helm-crds
| linkTitle: "Frequently asked questions about the Helm package" | ||
| weight: 60 | ||
| type: "docs" | ||
| --- |
There was a problem hiding this comment.
I forgot that there are already some notes about our decisions around Helm, in
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
|
@wallrj: The following test failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
Design proposal and prototype documentation