[Docs] Clarify our CertManager implementation and explain how to replace it if desired
Summary
CertManager is currently used for creating certificates for GitLab endpoints, but it is also used to create a certificate for the Validating Webhook used by the Operator/controller. We should clarify that it is optional, and provide links to documentation explaining how to replace it if desired.
Without this added detail, users might see that CertManager is optional and skip the installation, and then find that the GitLab Operator won't start because it can't find webhook-server-cert
.
Original report
It looks like the kubectl apply operation was terminated part of the way through since I had not yet installed certmanager. The error I received was:
unable to recognize "https://gitlab.com/api/v4/projects/18899486/packages/generic/gitlab-operator/0.1.0/gitlab-operator-kubernetes-0.1.0.yaml": no matches for kind "Certificate" in version "cert-manager.io/v1alpha2"
unable to recognize "https://gitlab.com/api/v4/projects/18899486/packages/generic/gitlab-operator/0.1.0/gitlab-operator-kubernetes-0.1.0.yaml": no matches for kind "Issuer" in version "cert-manager.io/v1alpha2"
We mentioned certmanager as a pre-requisite, but the text say it is "recommended". Should we strengthen this and say certmanager is required? Based on the CRD it's matching on, it seems like this is hardcoded for certmanager.
Acceptance criteria
-
CertManager's implementation is explained (see #373 (comment 700476026) for added detail) -
Links are provided to kubebuilder documentation explaining how to replace CertManager if desired