contour icon indicating copy to clipboard operation
contour copied to clipboard

Published 20 hours ago verified publisher icon projectcontour

Contour should support cert-managers's webhook solver

Open davecheney opened this issue 6 years ago • 3 comments

cert-manager is changing how certificate challenges are implemented. These are called "solvers" and represent ways of altering Ingress or DNS resources to complete the HTTP-01 or DNS-01 Let's Encrypt Challenge. The mechanism is describe in jetstack/cert-manager#1443.

Broadly a solver implements a web hook administered by the k8s api server as an api extension. This webhook is called by cert-manager to adjust the environment to support Let's Encrypt's challenge.

Contour should grow support for supporting this webhook to allow cert-manager to adjust IngressRoute managed virtualhosts without the grottiness of an amalgam of Ingress and IngressRoute resources to complete the HTTP-01 challenge.

davecheney avatar Mar 20 '19 16:03 davecheney

Its unlikely this will be started before the 0.15 milestone closes on the 23rd. Moving to beta.1

davecheney avatar Aug 19 '19 01:08 davecheney

Moving to the backlog due to a lack of engineering resources and questions about the operational issues of api hooks.

davecheney avatar Oct 03 '19 00:10 davecheney