Install cert-manager with a cluster management project

Assuming you already have a Cluster management project created from a management project template, to install cert-manager you should uncomment this line from your helmfile.yaml:

  - path: applications/cert-manager-1-4/helmfile.yaml

NOTE: We kept the - path: applications/cert-manager/helmfile.yaml with cert-manager v0.10 to facilitate the migration from GitLab Managed Apps to a cluster management project.

cert-manager:

  • Is installed by default into the gitlab-managed-apps namespace of your cluster.
  • Can be installed with or without a default Let's Encrypt ClusterIssuer, which requires an email address to be specified. The email address is used by Let's Encrypt to contact you about expiring certificates and issues related to your account.

To install cert-manager in your cluster, configure your applications/cert-manager-1-4/helmfile.yaml to:

certManager:
  installed: true
  letsEncryptClusterIssuer:
    installed: true
    email: "user@example.com"

Or without the default ClusterIssuer:

certManager:
  installed: true
  letsEncryptClusterIssuer:
    installed: false

You can customize the installation of cert-manager by defining a .gitlab/managed-apps/cert-manager/values.yaml file in your cluster management project. Refer to the chart for the available configuration options.