No certmanager issuer annotation on Auto DevOps helm chart
Gitlab is deployed using the helm chart, which includes certmanager.
I am attempting to deploy a web site using Auto DevOps.
The TLS certificate is never created, and checking the logs of the
gitlab-certmanager-... POD I see the following error:
E0913 20:40:12.159844 1 controller.go:161] ingress-shim controller: Re-queuing item "mynamespace-production/production-auto-deploy" du │ │ e to error processing: issuer.certmanager.k8s.io "" not found
The Gitlab ingress deployment includes this ingress annotation
certmanager.k8s.io/issuer: gitlab-issuer and thus works fine.
Steps to reproduce
Deploy a project using Auto Devops with certmanager installed via the gitlab helm chart. Note that certmanager is not installed from inside of gitlab, but as part of https://gitlab.com/gitlab-org/charts/gitlab
What is the current bug behavior?
Per summary, certmanager doesn't know who the issuer is, and fails.
What is the expected correct behavior?
The Auto DevOps helm chart should also include
certmanager.k8s.io/issuer: gitlab-issuer or at least have a way to define custom annotations so we can add that ourselves.
Thinking about it more, I think we should be able to override the issuer, because there are cases we may want to use a custom DNS based issuer instead of the default HTTP based one.
Results of GitLab environment info
Expand for output related to GitLab environment info
Installed via GitLab helm chart, currently on version 12.2.5
I think it may be possible to resolve this by adding
annotations: kubernetes.io/tls-acme: "true" kubernetes.io/ingress.class: "nginx" certmanager.k8s.io/issuer: gitlab-issuer
to https://gitlab.com/gitlab-org/charts/auto-deploy-app/blob/master/values.yaml but I believe it should also be possible to override the value of
certmanager.k8s.io/issuer as I mentioned above in the case of wanting to use DNS validation.