From 68bc5a7940f8b85c638ef76c0d0b2b5137da4c56 Mon Sep 17 00:00:00 2001
From: Szilard Parrag <szilard.parrag@axoflow.com>
Date: Fri, 29 Sep 2023 15:54:03 +0200
Subject: [PATCH 1/3] tailer-webhook: add annotation to the snippet as
 suggested

Signed-off-by: Szilard Parrag <szilard.parrag@axoflow.com>
---
 content/docs/configuration/extensions/tailer-webhook.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/content/docs/configuration/extensions/tailer-webhook.md b/content/docs/configuration/extensions/tailer-webhook.md
index 5165d1f24..027067b5e 100644
--- a/content/docs/configuration/extensions/tailer-webhook.md
+++ b/content/docs/configuration/extensions/tailer-webhook.md
@@ -107,6 +107,8 @@ metadata:
   namespace: logging
   labels:
     app: sample-webhook
+  annotations:
+    cert-manager.io/inject-ca-from: logging/webhook-tls
 webhooks:
   - name: sample-webhook.banzaicloud.com
     clientConfig:
@@ -114,7 +116,6 @@ webhooks:
         name: logging-webhooks
         namespace: logging
         path: "/tailer-webhook"
-      caBundle: $(kubectl get secret webhook-tls -n logging -o json | jq -r '.data["ca.crt"]')
     rules:
       - operations: [ "CREATE" ]
         apiGroups: [""]

From 6c2afd5e114799488d81ea8d8976e97427a71e6c Mon Sep 17 00:00:00 2001
From: Szilard Parrag <szilard.parrag@axoflow.com>
Date: Fri, 29 Sep 2023 16:43:14 +0200
Subject: [PATCH 2/3] tailer-webhook: fix inconsistent example names,
 indentation

Signed-off-by: Szilard Parrag <szilard.parrag@axoflow.com>
---
 .../extensions/tailer-webhook.md              | 25 ++++++++-----------
 1 file changed, 11 insertions(+), 14 deletions(-)

diff --git a/content/docs/configuration/extensions/tailer-webhook.md b/content/docs/configuration/extensions/tailer-webhook.md
index 027067b5e..495d21e62 100644
--- a/content/docs/configuration/extensions/tailer-webhook.md
+++ b/content/docs/configuration/extensions/tailer-webhook.md
@@ -160,7 +160,7 @@ To trigger the webhook, add the following annotation to the pod metadata:
 
 ### File tailer example
 
-The following example creates a pod that is running a shell in infinite loop that appends the `date` command's output to a file every second. The annotation `sidecar.logging-extensions.banzaicloud.io/tail` notifies Logging operator to attach a sidecar container to the pod. The sidecar tails the `/legacy-logs/date.log` file and sends its output to the stdout.
+The following example creates a pod that is running a shell in infinite loop that appends the `date` command's output to a file every second. The annotation `sidecar.logging-extensions.banzaicloud.io/tail` notifies Logging operator to attach a sidecar container to the pod. The sidecar tails the `/var/log/date` file and sends its output to the stdout.
 
 ```yaml
 apiVersion: v1
@@ -171,16 +171,13 @@ metadata:
 spec:
     containers:
     - image: debian
-        name: sample-container
-        command: ["/bin/sh", "-c"]
-        args:
-            - while true; do
-                date >> /var/log/date;
-                sleep 1;
-        done
-    - image: debian
-        name: sample-container2
-...
+      name: sample-container
+      command: ["/bin/sh", "-c"]
+      args:
+        - while true; do
+            date >> /var/log/date;
+            sleep 1;
+            done
 ```
 
 After you have created the pod with the required annotation, make sure that the `test-pod` contains two containers by running `kubectl get pod`
@@ -202,15 +199,15 @@ Expected output:
 
 ```bash
 [
-  "test",
-  "legacy-logs-date-log"
+  "sample-container",
+  "sample-container-var-log-date"
 ]
 ```
 
 Check the logs of the `test` container. Since it writes the logs into a file, it does not produce any logs on stdout.
 
 ```bash
-kubectl logs test-pod test; echo $?
+kubectl logs test-pod sample-container; echo $?
 ```
 
 Expected output:

From 62744e8f24ad0fd55f4cf90efe0a6144339d1c1d Mon Sep 17 00:00:00 2001
From: Szilard Parrag <szilard.parrag@axoflow.com>
Date: Fri, 29 Sep 2023 17:11:42 +0200
Subject: [PATCH 3/3] tailer-webhook: add simple cert-manager example

Signed-off-by: Szilard Parrag <szilard.parrag@axoflow.com>
---
 .../extensions/tailer-webhook.md              | 49 ++++++++++++++++++-
 1 file changed, 48 insertions(+), 1 deletion(-)

diff --git a/content/docs/configuration/extensions/tailer-webhook.md b/content/docs/configuration/extensions/tailer-webhook.md
index 495d21e62..08af39765 100644
--- a/content/docs/configuration/extensions/tailer-webhook.md
+++ b/content/docs/configuration/extensions/tailer-webhook.md
@@ -23,7 +23,54 @@ Cons:
 
 ## Enable webhooks in Logging operator {#enable-webhooks}
 
-> We recommend using `cert-manager` to manage your certificates. Since using `cert-manager` is not part of this article, we assume you already have valid certs.
+> We recommend using `cert-manager` to manage your certificates. Below is a really simple command that bootstraps generates the required resources for the `tailer-webhook`.
+### Issuing certificates using `cert-manager` {#issue-certificate-cert-manager}
+
+Follow the [official installation guide](https://cert-manager.io/docs/installation/).
+
+Once installed the following commands should allow you to create the required certificate for the webhook.
+
+```bash
+kubectl apply -f - <<EOF
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: selfsigned-issuer
+spec:
+  selfSigned: {}
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: webhook-tls
+  namespace: logging
+spec:
+  isCA: true
+  commonName: my-selfsigned-ca
+  secretName: webhook-tls
+  privateKey:
+    algorithm: ECDSA
+    size: 256
+  dnsNames:
+    - sample-webhook.banzaicloud.com
+    - logging-webhooks.logging.svc
+  usages:
+    - server auth
+  issuerRef:
+    name: selfsigned-issuer
+    kind: ClusterIssuer
+    group: cert-manager.io
+---
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: my-ca-issuer
+spec:
+  ca:
+    secretName: webhook-tls
+EOF
+```
+
 
 You will require the following things: