lhotari commented on issue #629: URL: https://github.com/apache/pulsar-helm-chart/issues/629#issuecomment-3290905655
I guess the starting point would be to make it clear and consistent from the configuration in `values.yaml` how to use a ClusterIssuer while keeping backwards compatibility. This is the current `certs` key in `values.yaml`: https://github.com/apache/pulsar-helm-chart/blob/ab99e914df5719b396a3ccfc2fc00cee8756df8b/charts/pulsar/values.yaml#L367-L399 I think that instead of adding `certs.cluster_issuer` key, that the correct solution would be to add a `type` under `certs.issuers.ca` key instead: ```yaml certs: # ... # used for certs.internal_issuer.type as ca or when internal_issuer is disabled ca: # The name of the issuer, it is mandatory to specify this value if TLS is enabled # and selfsigning is not used name: # The secret name of the CA certificate, it is mandatory to specify this value if TLS is enabled # and selfsigning is not used secretName: # The k8s type of the issuer: Issuer or ClusterIssuer type: Issuer ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
