Install cert-manager with a cluster management project
- Introduced in GitLab 14.0.
- Support for cert-manager v1.4 was introduced in GitLab 14.3.
- Upgraded to cert-manager 1.7 in GitLab 14.8.
Assuming you already have a project created from a
management project template, to install cert-manager you should
uncomment this line from your
- path: applications/cert-manager/helmfile.yaml
And update the
applications/cert-manager/helmfile.yaml with a valid email address.
values: - letsEncryptClusterIssuer: # # IMPORTANT: This value MUST be set to a valid email. # email: email@example.com
If your Kubernetes version is earlier than 1.20 and you are migrating from GitLab Managed Apps to a cluster management project, then you can instead use
- path: applications/cert-manager-legacy/helmfile.yamlto take over an existing release of cert-manager v0.10.
- Is installed by default into the
gitlab-managed-appsnamespace of your cluster.
- Includes a
ClusterIssuerenabled by default. In the
certmanager-issuerrelease, the issuer requires a valid email address for
letsEncryptClusterIssuer.email. Let’s Encrypt uses this email address to contact you about expiring certificates and issues related to your account.
- Can be customized in
applications/cert-manager/helmfile.yamlby passing custom
certmanagerrelease. Refer to the chart for the available configuration options.