Current recommendations for certificate management...
# 🌱|help-and-getting-started
c
I saw elsewhere on discord that there are plans to deprecate the built in `cert-manager` option here: https://docs.garden.io/advanced/cert-manager-integration#enabling-and-configuring-cert-manager Probably worth indicating in the docs that this won't be supported going forward. I'm looking for recommendations for the least headache-inducing approach to get TLS set up. I am fine with wildcard certificates for our environment subdomain setups (currently `app.domain.com`, `*.dev.domain.com`, `*.preview.domain.com`). I would use the garden implementation if I didn't see the message about deprecation.
Currently I am using the official helm deployment of `cert-manager`, and it is somewhat playing nicely with the `tlsCertificates` config in the kubernetes provider.
I had to combine it with a kubernetes module to issue my own `ClusterIssuer`.
Related, there appears to be no way to remove the managed ingress controller if you set `setupIngressController: false`?
q
For simpler and less headache inducing I'd give KCert a try: https://github.com/nabsul/kcert
By this you mean if the ingress controller has already been deployed there's no way to remove it post-deployment?
c
thanks for the recommendation
Yes. I've solved it by purging and reinstalling everything, but I didn't see a way to `garden delete service X` for the ingress.
q
Interesting, I believe setting the nginx controller to false then running `garden deploy` ought to have had the desired effect of removing the controller but perhaps not?
c
I do not believe so. Since I first requested this, I've cobbled together a solution using cert-manager helm, a kubernetes module for both the `ClusterIssuer` and `Certificate` and then combined that with the `tlsCertificate` section of the project config.
q
If it didn't, I'd create an issue in our GitHub
That sounds headache-inducing and byzantine 😄
But if it works, it may be something we should consider enshrining in our docs.
c
It was; on the other hand, it taught me a lot about k8s fundamentals. I was wondering why I was still spending time on this stuff in 2023. There are of course the Google-based solutions for GKE, but it would be more complicated to get what I want with dynamic preview environments considering the lack of their support for wildcard certs.