Missing webhook-server-cert Secret when installed with Helm

Question

Missing webhook-server-cert Secret when installed with Helm

Closed this issue 3 years ago · 1 comments

Affected Helm chart version: 1.3.9

Detected while upgrading from 1.3.0

When installing with helm, the kube-rbac proxy container wants to mount a webhook-server-cert Secret. Such a secret is not created by Helm.

https://github.com/redhat-cop/cert-utils-operator/blob/master/config/helmchart/templates/manager.yaml#L57-L60

Seems there is a toggle to enableCertManager that will provision this cert by cert-manager.

https://github.com/redhat-cop/cert-utils-operator/blob/master/config/helmchart/templates/certificate.yaml#L1

In https://github.com/redhat-cop/cert-utils-operator/blob/master/config/helmchart/values.yaml.tpl I can't find a reference for that variable.

As there is a secret called webhook-server-cert and RBAC roles allowing {mutating,validating}webhookconfigurations but there is no MutatingWebhookConfiguration or ValidatingWebhookConfiguration rendered by the helm chart: is it missing or will there be some webhooks in the future?

Answer 1 · 2022-05-28T15:29:12.000Z

the enableCertManager variable is not documented, but you can use it. I'll add it to the value file
the webhooks at the momnent are missing but we create the secret anyway for better alignment with the other operators.