Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Add optional role parameter for cert-manager add-on #2087

Merged
merged 5 commits into from
Jun 21, 2023
Merged

feat: Add optional role parameter for cert-manager add-on #2087

merged 5 commits into from
Jun 21, 2023

Conversation

oleksiimorozenko
Copy link
Contributor

Add optional role parameter for cert-manager add-on

Description

In case someone's doing certificates cross-account, the following resources assigning/assuming roles and permissions are needed
For example, cert-manager needs to create a certificate in the local account using DNS challenge, but there's no Route53 zone in this account
In order to make the challenge, it needs to use the IRSA role which can assume the role in another account where the Route53 zone lives. In turn, this role from the account holding Route53 zone should allow being assumed by this IRSA role
But moreover, the IRSA role says that cert-manager can assume the role, but not giving the instruction to do this
That's why a custom ClusterIssuer resource is needed with the added role parameter which is currently not supported by the root module

Checklist

@oleksiimorozenko oleksiimorozenko requested a review from a team as a code owner June 15, 2023 20:01
@oleksiimorozenko oleksiimorozenko requested review from ArchiFleKs and rguichard and removed request for a team June 15, 2023 20:01
@oleksiimorozenko
Add optional role for cert-manager addon
7b34875 
Signed-off-by: Oleksii Morozenko <oleksii.morozenko@gmail.com>
@oleksiimorozenko
Add configuration option
b223d8d 
Signed-off-by: Oleksii Morozenko <oleksii.morozenko@gmail.com>
@oleksiimorozenko oleksiimorozenko changed the title Add optional role parameter for cert-manager add-on feat: Add optional role parameter for cert-manager add-on Jun 15, 2023
@mergify mergify bot merged commit 04f958b into particuleio:main Jun 21, 2023
12 checks passed
@github-actions
Copy link

🎉 This PR is included in version 14.1.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ArchiFleKs ArchiFleKs ArchiFleKs approved these changes

@rguichard rguichard Awaiting requested review from rguichard rguichard is a code owner automatically assigned from particuleio/team

Assignees
No one assigned
Labels
released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@oleksiimorozenko @ArchiFleKs