Skip to content

Commit

Permalink
Document that pod template spec should be used instead of flags
Browse files Browse the repository at this point in the history
For configuring ACME HTTP-01 solver pod

Signed-off-by: irbekrm <irbekrm@gmail.com>
irbekrm committed Aug 9, 2022
1 parent 58b226e commit 584147d
Showing 2 changed files with 11 additions and 0 deletions.
5 changes: 5 additions & 0 deletions cmd/controller/app/options/options.go
Original file line number Diff line number Diff line change
@@ -290,6 +290,11 @@ func (s *ControllerOptions) AddFlags(fs *pflag.FlagSet) {
"'foo'.\nAll controllers: %s",
strings.Join(allControllers, ", ")))

// HTTP-01 solver pod configuration via flags is a now deprecated
// mechanism- please use pod template instead when adding any new
// configuration options
// https://github.com/cert-manager/cert-manager/blob/f1d7c432763100c3fb6eb6a1654d29060b479b3c/pkg/apis/acme/v1/types_issuer.go#L270
// These flags however will not be deprecated for backwards compatibility purposes.
fs.StringVar(&s.ACMEHTTP01SolverImage, "acme-http01-solver-image", defaultACMEHTTP01SolverImage, ""+
"The docker image to use to solve ACME HTTP01 challenges. You most likely will not "+
"need to change this parameter unless you are testing a new feature or developing cert-manager.")
6 changes: 6 additions & 0 deletions pkg/issuer/acme/http/pod.go
Original file line number Diff line number Diff line change
@@ -155,6 +155,12 @@ func (s *Solver) buildPod(ch *cmacme.Challenge) *corev1.Pod {
return pod
}

// Note: this function builds pod spec using defaults and any configuration
// options passed via flags to cert-manager controller.
// Solver pod configuration via flags is a now deprecated
// mechanism- please use pod template instead when adding any new
// configuration options
// https://github.com/cert-manager/cert-manager/blob/f1d7c432763100c3fb6eb6a1654d29060b479b3c/pkg/apis/acme/v1/types_issuer.go#L270
func (s *Solver) buildDefaultPod(ch *cmacme.Challenge) *corev1.Pod {
podLabels := podLabels(ch)

0 comments on commit 584147d

Please sign in to comment.