self-hosted/docs: GKE reference architecture doesn't create external-dns secret #12403
Labels
feature: documentation
meta: stale
This issue/PR is stale and will be closed soon
self-hosted: reference-architecture
team: delivery
Issue belongs to the self-hosted team
type: bug
Something isn't working
Comments
adrienthebo
added
type: bug
lucasvaltl
moved this to 📓Scheduled
in 🚚 Security, Infrastructure, and Delivery Team (SID)
22 tasks
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
Repository owner
moved this from 📓Scheduled
to ✨Done
in 🚚 Security, Infrastructure, and Delivery Team (SID)
Dec 23, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe
The GKE reference architecture describes how to setup external-dns with a newly created managed zone and provides a secret key under which GCP service accounts can be found, but doesn't create a Kubernetes secret that the external-dns service account can access (as the only secret created is in the cert-manager namespace). This creates an external-dns installation without the necessary credentials for interacting with the Cloud DNS API.
Describe the behaviour you'd like
The GKE reference architecture should explicitly create a Kubernetes secret with the GCP Cloud DNS credentials and reference that secret when installing the external-dns helm chart.
The text was updated successfully, but these errors were encountered: