-
Notifications
You must be signed in to change notification settings - Fork 28
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Subscription does not expose basic cert-manager controller configurations #200
Comments
As per current design, it provides an object
and the dns01 recursive nameservers by:
Please also ref: https://docs.openshift.com/container-platform/4.16/security/cert_manager_operator/cert-manager-customizing-api-fields.html |
"It's okay to be not okay." we use Openshift 4.14.30
If parameters are not exposed via environment vars and/or extra mounts in the catalog (which injection is permitted by customizing the associated Subscription), I'm afraid we can't override anything. |
Hi @absynth76, I think I know what the exact issue is. From your shared info I guess that you are using the operator provided by the cert-manager community (doc, operatorhub page, repo), right? But this repository is for the RedHat-provided operator (full name is "cert-manager Operator for Red Hat OpenShift"), and it has not released v1.15 yet. So it won't have a CertManager CRD. TBH, I have limited experience with the operator provided by the community. After a quick search, it seems to be a known issue that it does not support customizing deployment configurations well through OLM: cert-manager/cert-manager-olm#22 Please note that we do not support the community operator. You may want to consider switching to the Red Hat-provided operator to utilize this capability and receive our full support. |
Hello @lunarwhite Thanks! This is precisely this. Sorry I innocently thought we are running the Redhat operator one knowing I'm working with a redhat subscription covered environment. |
Using Subscription to install cert-manager does not permit to alter its configuration, among them:
everything is hardcoded in the csv and cannot be changed.
This is fairly limiting subscription usage and almost force everybody to use the helm chart or else to deploy.
related code is located within bindata.go
this is the issue when using OLM, you need to expose every capability over environment variables as it's done via the downward api with POD_NAMESPACE here.
The text was updated successfully, but these errors were encountered: