This repository has been archived by the owner on Feb 12, 2024. It is now read-only.
[cetic/nifi] Allow cert-manager to use an existing cert-manager CA #284
Labels
enhancement
New feature or request
Comments
rajan123456
changed the title
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Is your feature request related to a problem? Please describe.
When installing this helm chart, I would like to make use of cert-manager related objects to generate and mount certificates to the workloads. However, current cert-manager implementation creates it's own Issuer objects. I would like to have either an option to make use of an existing ClusterIssuer or Issuer which refers to a pre-existing secret which can be controlled from the values.yaml file.
Describe the solution you'd like
Allow modification to the Issuer object to make use of an existing secret, or disable the creation of Issuer entirely and refer to a ClusterIssuer instead.
Describe alternatives you've considered
Using the existing helm chart by disabling cert-manager requires manually plugging in Certificates, which is painful.
Manually modify the Issuer post installation to make use of existing secrets, which is painful.
Automate modifications to the Issuer objects using helm postRenderer and kustomize, which is cumbersome to maintain.
Additional context
For OIDC, I would prefer to use a ClusterIssuer across namespaces which generates certificates for both my OIDC IdP and nifi, which exist in different namespaces.
The text was updated successfully, but these errors were encountered: