Keptn Certificate Manager
Keptn Cert Manager
The Lifecycle Toolkit includes a Mutating Webhook which requires TLS certificates to be mounted as a volume in its pod. In version 0.6.0 and later, the certificate creation is handled automatically by the klt-cert-manager.
The certificate is created as a secret in the keptn-lifecycle-toolkit-system
namespace with a renewal threshold of 12
hours.
If it expires, the klt-cert-manager
renews it.
The Lifecycle Toolkit operator waits for a valid certificate to be ready.
The certificate is mounted on an empty dir volume in the operator.
When a certificate is left over from an older version, the webhook or the operator may generate errors because of an invalid certificate. To solve this, delete the certificate and restart the operator.
Last modified 2023-05-03: releasing documentation v0.7.1 (f2d8be6)