New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Be able to specify a serviceAccount for the HTTP01 ACME solver pod #3852
Comments
PR is #3856 for image pull secret |
This should be added as a field in the API, not as a flag to the controller: https://github.com/jetstack/cert-manager/blob/2abafa18be128cd337ace1cc281ad1518a67b516/pkg/apis/acme/v1/types_issuer.go#L237-L251 |
/priority important-soon |
Issues go stale after 90d of inactivity. |
Stale issues rot after 30d of inactivity. |
Rotten issues close after 30d of inactivity. |
@jetstack-bot: Closing this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
When deploying cert-manager using the Helm chart, we can specify the serviceAccount to use for:
But we can't specify it for the HTTP01 ACME solver pod.
The problems with this are:
To solve this, we propose to add a parameter
--acme-http01-solver-service-account
to cert-manager deployment to specify the serviceAccount to use in every namespace./kind feature
The text was updated successfully, but these errors were encountered: