Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Move Issuer / ClusterIssuer and Certificate resource content to a sub-folder of configuration/ #1075

Open
wants to merge 4 commits into
base: master
Choose a base branch
from

Conversation

wallrj
Copy link
Member

@wallrj wallrj commented Sep 9, 2022

Preview: https://deploy-preview-1075--cert-manager-website.netlify.app/

Part of the #1048 where we presented an improved overall navigation structure for the site.

  • Moved configuration/* > configuration/issuer-and-clusterissuer-resources/*
  • Moved usage/certificate > configuration/certificate-resources
  • Updated all the affected links within the site.
  • Added redirects for the benefit of people linking to our site
  • Improved the page descriptions and opening paragraphs of each of the Issuer type pages and the certificate resource page
  • Added a list of all the issuer types to the configuration/issuer-and-clusterissuer-resources/ homepage, because the side menu is not always expanded when you visit that page.

/cc @maelvls @mehak151 (and @jsoref ...if you have time)

@jetstack-bot jetstack-bot added do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. dco-signoff: yes Indicates that all commits in the pull request have the valid DCO sign-off message. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Sep 9, 2022
@jetstack-bot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: wallrj

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@jetstack-bot jetstack-bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Sep 9, 2022
@netlify
Copy link

netlify bot commented Sep 9, 2022

Deploy Preview for cert-manager-website ready!

Name Link
🔨 Latest commit fe41ac9
🔍 Latest deploy log https://app.netlify.com/sites/cert-manager-website/deploys/6321f2cb38a56100085b2f93
😎 Deploy Preview https://deploy-preview-1075--cert-manager-website.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site settings.

@wallrj wallrj changed the title WIP: Move Issuer / ClusterIssuer content to a sub-folder of configuration/ Move Issuer / ClusterIssuer and Certificate resource content to a sub-folder of configuration/ Sep 14, 2022
@jetstack-bot jetstack-bot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Sep 14, 2022

After installing cert-manager you will find that some new resource types have been added to the Kubernetes API server
such as `Issuer`, `ClusterIssuer`, and `Certificate`.
They all have `metadata`, `spec` and `status` fields, just like other Kubernetes resources.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
They all have `metadata`, `spec` and `status` fields, just like other Kubernetes resources.
They each have `metadata`, `spec` and `status` fields, just like other Kubernetes resources.

Comment on lines +11 to +12
After installing cert-manager you will find that some new resource types have been added to the Kubernetes API server
such as `Issuer`, `ClusterIssuer`, and `Certificate`.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
After installing cert-manager you will find that some new resource types have been added to the Kubernetes API server
such as `Issuer`, `ClusterIssuer`, and `Certificate`.
After installing cert-manager you will find see new resource types have been added to the Kubernetes API server
including `Issuer`, `ClusterIssuer`, and `Certificate`.

I believe that cert-manager also adds Orders and Challenges.

Whenever you create or update one of these resources cert-manager will react;
it will do some work and it will update the status with information about what it has done.

Here is an overview of each of these resources explaining when you should create them and what cert-manager will do in each case.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
Here is an overview of each of these resources explaining when you should create them and what cert-manager will do in each case.
Here is an overview of each of these resources explaining when you should create them and what cert-manager will do for each resource type.

Resource Namespace`. By default, this namespace is `cert-manager` however it can be
changed via a flag on the cert-manager-controller component:
Next you'll probably want to create a Certificate.
This resource represents a desired X.509 certificate which will be signed and renewed before it expires.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
This resource represents a desired X.509 certificate which will be signed and renewed before it expires.
This resource represents a desired X.509 certificate which cert-manager will try to get signed and renewed before it expires.

changed via a flag on the cert-manager-controller component:
Next you'll probably want to create a Certificate.
This resource represents a desired X.509 certificate which will be signed and renewed before it expires.
The private key and signed certificate will be stored in a Secret which you can then mount in to a Pod or use in an Ingress resource.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
The private key and signed certificate will be stored in a Secret which you can then mount in to a Pod or use in an Ingress resource.
The private key and signed certificate will be stored in a Secret which you can then mount into a Pod or use in an Ingress resource.

---

Learn about Certificate resources which represent a desired X.509 certificates which will be signed and renewed before they expire.
The private key and signed certificate will be stored in a Secret which you can then mount in to a Pod or use in an Ingress resource.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
The private key and signed certificate will be stored in a Secret which you can then mount in to a Pod or use in an Ingress resource.
The private key and signed certificate will be stored in a Secret which you can then mount into a Pod or use in an Ingress resource.

Comment on lines 12 to 14
In cert-manager, the [`Certificate`](../concepts/certificate.md) resource
represents a human readable definition of a certificate request that is to be
honored by an issuer which is to be kept up-to-date. This is the usual way that
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
In cert-manager, the [`Certificate`](../concepts/certificate.md) resource
represents a human readable definition of a certificate request that is to be
honored by an issuer which is to be kept up-to-date. This is the usual way that
In cert-manager, the [`Certificate`](../concepts/certificate.md) resource
represents a human readable definition of a certificate request that is to be
honored by an issuer and which cert-manager will try to keep up-to-date. This is the usual way that

@@ -180,43 +180,31 @@
"title": "Introduction",
"path": "/docs/configuration/README.md"
},
{
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
{
{

Comment on lines 256 to +257
]
},
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The whitespace here looks suspicious

@jetstack-bot jetstack-bot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Sep 28, 2022
@jetstack-bot
Copy link
Contributor

@wallrj: PR needs rebase.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Copy link
Member

@inteon inteon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@wallrj I think "Issuers" should be a top level menu item.

The layout could look like this:

  • Issuers
    • Introduction
    • Full list
    • In-tree issuer config
      • ACME
      • SelfSigned
      • CA
      • Vault
      • Venafi
    • External issuer config
  • Requesting Certificates
    • Introduction
    • Certificate [cert-manager.io/v1]
    • Ingress [networking.k8s.io/v1]
    • GatewayAPI [gateway.networking.k8s.io/v1beta1]
    • CertificateSigningRequest [certificates.k8s.io/v1]
    • Istio Service Mesh
    • CSI Driver
    • CSI Driver SPIFFE

@inteon
Copy link
Member

inteon commented Nov 20, 2023

This has been solved in an alternative way.

TODO: recover the changes made in the following files & apply them to the new website structure (if possible)

  • content/docs/configuration/README.md
  • content/docs/configuration/certificate-resources.md
  • content/docs/configuration/issuer-and-clusterissuer-resources/README.md

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. dco-signoff: yes Indicates that all commits in the pull request have the valid DCO sign-off message. needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants