---------------------- To provide ingresses in the spec with a proper TLS certificate, you need to follow these steps: 1. **Create a TLS Certificate**: You can use your cloud provider's certificate management service in combination with a load balancer. If you are manually creating or obtaining the certificates (and you have the

.crt

and

.key

files), create a Kubernetes Secret for each cert in the cluster so they can be referenced when deploying services. You can do this using the following command:

bash
kubectl create secret tls mydomain-tls-secret --key <path-to-key-file> --cert <path-to-crt-file>

(Source: Garden Kubernetes Plugins ()) 2. **Configure the Certificate in Kubernetes**: If you're storing certs as Kubernetes Secrets, make note of their names and namespaces. 3. **Specify the Ingress in the Spec**: In your Garden configuration file (usually

garden.yml

), under the

spec

field, you can specify the

ingresses

field. Here's an example:

yaml
spec:
 ...
 ingresses:
 - path: /api
   port: http

(Source: Garden Container Deploy ()) 4. **Annotate the Ingress**: You can set annotations on ingresses under the

spec.ingresses[]

field. This is useful for adding additional metadata or configuration to the ingress. Here's an example:

yaml
spec:
 ...
 ingresses:
 - path: /api
   port: http
   annotations:
     nginx.ingress.kubernetes.io/proxy-body-size: '0'

(Source: Garden Container Deploy Annotations ())

Please note that the actual configuration may vary depending on your specific use case and the ingress controller you are using. ---------------------- Note: you can ask me a follow up question by @ mentioning me again :speech_balloon: ----------------------

message has been deleted