refactor controllers to use issuer-lib #161
Assignees
Comments
terinjokes
added a commit
that referenced
this issue
Jan 7, 2025
Refactor this project to utilize cert-manager's issuer-lib packages for creating external issuers that follow the best practices and implied behavior for issuers. This changeset also adds support for Kubernetes 1.19 CertificateSigningRequests as a side effect of utilizing issuer-lib. Bug: #161
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This external issuer was one of the first external issuers, and was implemented without a lot of documentation on how these should work and with a lot of assumptions in the status-based API between cert-manager and external issuers. This has led to reoccuring issues such as #116, #149, and #157 where vagueness in the cert-manager docs have lead to different assumptions between the projects over the years (and bugs for end users).
The cert-manager project has started working on a library to "host" external issuers with a clearer API and requirements: issuer-lib. As this would remove a lot of boilerplate from this external issuer (such as correct approval handling!), we should migrate to it as soon as it becomes stable. It would also make it easier to run the external issuer conformance test suite, once they are available.
The text was updated successfully, but these errors were encountered: