Resolve "Installing with own ingress and cert-manager only requests a single certificate - documentation issue?"
Summary
Clarify documentation surrounding self-signed certificates behavior, and how to make use of external cert-manager
deployment. Extend the handling in templates/NOTES.txt
to check for configurations appropriate to warn users.
I combined these changes with #615 (closed) / #682 (closed) because the use of an external load balancer would exhibit the same symptoms as addressed regarding an external cert-manager
Individual changes
Per https://gitlab.com/charts/gitlab/issues/732#note_102333857
Doc: corrections to various `tls.secretName` documentation
Update documentation in `doc/charts/globals.md` and `doc/installation/command-line-options.md` in regards to the location and values of various `ingress.tls.secretName` properties.
- Remove all references to `global.hosts.*.tls.secretName`, as not accurate.
- Update default values for `ingress.tls.secretName` items.
doc: Add `global.ingress.configureCertmanager` documentation
The `global.ingress.configureCertmanager` property was not documented in `doc/charts/globals.md`. Add documentation of this property, and the behavior surrounding it in conjunction `*.ingress.tls.secretName`s.
NOTES.txt: Better handle conditions for self-signed certificates
Only warn about self-signed certificates if:
- At least one service needing a certificate is enabled
- `global.ingress.configureCertmanger: false`
- `gitlab.ingress.tls.configured` template returns ``
Inform the user to set various `*.ingress.tls.secretName` values in order to _not_ use self-signed certificate.
To #615 (closed) & #682 (closed)
NOTES: remove `fail` surrounding runner with self-signed certificates
Per #682, #615
Remove the `fail` around the warning about self-signed certificates for `gitlab-runner`, making it a warning instead.
Closes #732 (closed), #615 (closed), #682 (closed)