Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Kube.ts: ClusterIssuer Detection #18450

Closed
17 tasks
gnoejuan opened this issue Nov 24, 2020 · 2 comments
Closed
17 tasks

Kube.ts: ClusterIssuer Detection #18450

gnoejuan opened this issue Nov 24, 2020 · 2 comments
Assignees
@mmorhun
Labels
area/chectl Issues related to chectl, the CLI of Che kind/bug Outline of a bug - must adhere to the bug report template. severity/P1 Has a major impact to usage or development of the system.
Milestone
7.24

Comments

@gnoejuan
Copy link

Describe the bug

https://github.com/che-incubator/chectl/blob/14fd73f22ca7cdef6503a64306f11c727d2e997d/src/api/kube.ts#L1869

It looks like kube.ts doesn't account for other versions.

image

I cannot confirm right now, I'm currently chasing a different issue, but here is my current clusterissuer

apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt-prod
spec:
  acme:
    email: user@email.com
    server: https://acme-v02.api.letsencrypt.org/directory
    privateKeySecretRef:
      # Secret resource that will be used to store the account's private key.
      name: letsencrypt-prod-key
    solvers:
    - dns01:
        cloudflare:
          email: user@email.com
          apiKeySecretRef:
            name: cloudflare-api-token-secret
            key: api-token
      selector: {}

In the task list, a self-signed certificate is queued.

image

Che version

  • [ x ] latest
  • nightly
  • other: please specify

Steps to reproduce

Expected behavior

Runtime

  • [ x ] kubernetes (include output of kubectl version)
  • Openshift (include output of oc version)
  • minikube (include output of minikube version and kubectl version)
  • minishift (include output of minishift version and oc version)
  • docker-desktop + K8S (include output of docker version and kubectl version)
  • other: (please specify)

Screenshots

Installation method

  • [ x ] chectl
    • provide a full command that was used to deploy Eclipse Che (including the output)

chectl server:deploy --che-operator-cr-yaml='/media/charlesrod/KINGSTON/kubernetes/k8s/che/che-cluster.yaml' -a operator -p k8s -b che-che.charlesrod.me

 * provide an output of `chectl version` command

chectl/7.22.0 linux-x64 node-v10.23.0

  • OperatorHub
  • I don't know

Environment

  • my computer
    • Windows
    • [ x ] Linux
    • macOS
  • Cloud
    • Amazon
    • Azure
    • GCE
    • [ x ] other (please specify): k3os
  • other: please specify

Eclipse Che Logs

Additional context
@gnoejuan gnoejuan added the kind/bug Outline of a bug - must adhere to the bug report template. label Nov 24, 2020
@che-bot che-bot added the status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. label Nov 24, 2020
@tolusha tolusha added severity/P1 Has a major impact to usage or development of the system. area/chectl Issues related to chectl, the CLI of Che and removed status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. labels Nov 25, 2020
@tolusha
Copy link
Contributor

tolusha commented Nov 25, 2020

@gnoejuan
I got it.

@tolusha tolusha added this to the 7.24 milestone Dec 2, 2020
@tolusha tolusha mentioned this issue Dec 7, 2020
Closed
56 tasks
@mmorhun mmorhun self-assigned this Dec 15, 2020
@mmorhun mmorhun mentioned this issue Dec 17, 2020
Merged
9 tasks
@tolusha tolusha closed this as completed Dec 22, 2020
@mmorhun
Copy link
Contributor

mmorhun commented Dec 22, 2020

Reported problem is fixed. Now, Che will pick up cluster issuer from cert-manager namespace if there is only one. If there are two or more, then client/org.eclipse.che=true label should be added to the cluster issuer that is desired to be used by Che. If none is present, then Che will create own one (as it was before).
Sadly, but I didn't have infrastructure to test the PR with Let's Encrypt cluster issuer, so it might have another problem later. Please report a new issue if something goes wrong and we'll try to handle that.

@AussieScorpio AussieScorpio mentioned this issue Sep 27, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mmorhun mmorhun

Labels
area/chectl Issues related to chectl, the CLI of Che kind/bug Outline of a bug - must adhere to the bug report template. severity/P1 Has a major impact to usage or development of the system.
Projects
None yet
Milestone
7.24
Development

No branches or pull requests
4 participants
@tolusha @gnoejuan @mmorhun @che-bot