Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

docs: OtherName configuration references updated #1403

Merged
merged 1 commit into from
Jan 31, 2024
Merged

docs: OtherName configuration references updated #1403

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
29 changes: 15 additions & 14 deletions content/docs/cli/controller.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,20 +37,21 @@ Flags:
--dns01-recursive-nameservers-only When true, cert-manager will only ever query the configured DNS resolvers to perform the ACME DNS01 self check. This is useful in DNS constrained environments, where access to authoritative nameservers is restricted. Enabling this option could cause the DNS01 self check to take longer due to caching performed by the recursive nameservers.
--enable-certificate-owner-ref Whether to set the certificate resource as an owner of secret where the tls certificate is stored. When this flag is enabled, the secret will be automatically removed when the certificate resource is deleted.
--enable-profiling Enable profiling for controller.
--feature-gates mapStringBool A set of key=value pairs that describe feature gates for alpha/experimental features. Options are:
AdditionalCertificateOutputFormats=true|false (ALPHA - default=false)
AllAlpha=true|false (ALPHA - default=false)
AllBeta=true|false (BETA - default=false)
DisallowInsecureCSRUsageDefinition=true|false (BETA - default=true)
ExperimentalCertificateSigningRequestControllers=true|false (ALPHA - default=false)
ExperimentalGatewayAPISupport=true|false (ALPHA - default=false)
LiteralCertificateSubject=true|false (ALPHA - default=false)
SecretsFilteredCaching=true|false (BETA - default=true)
ServerSideApply=true|false (ALPHA - default=false)
StableCertificateRequestName=true|false (BETA - default=true)
UseCertificateRequestBasicConstraints=true|false (ALPHA - default=false)
UseCertificateRequestNameConstraints=true|false (ALPHA - default=false)
ValidateCAA=true|false (ALPHA - default=false)
--feature-gates mapStringBool A set of key=value pairs that describe feature gates for alpha/experimental features. Options are:
AdditionalCertificateOutputFormats=true|false (ALPHA - default=false)
AllAlpha=true|false (ALPHA - default=false)
AllBeta=true|false (BETA - default=false)
DisallowInsecureCSRUsageDefinition=true|false (BETA - default=true)
ExperimentalCertificateSigningRequestControllers=true|false (ALPHA - default=false)
ExperimentalGatewayAPISupport=true|false (ALPHA - default=false)
LiteralCertificateSubject=true|false (ALPHA - default=false)
NameConstraints=true|false (ALPHA - default=false)
OtherNames=true|false (ALPHA - default=false)
SecretsFilteredCaching=true|false (BETA - default=true)
ServerSideApply=true|false (ALPHA - default=false)
StableCertificateRequestName=true|false (BETA - default=true)
UseCertificateRequestBasicConstraints=true|false (ALPHA - default=false)
ValidateCAA=true|false (ALPHA - default=false)
-h, --help help for controller
--issuer-ambient-credentials Whether an issuer may make use of ambient credentials. 'Ambient Credentials' are credentials drawn from the environment, metadata services, or local files which are not explicitly configured in the Issuer API object. When this flag is enabled, the following sources for credentials are also used: AWS - All sources the Go SDK defaults to, notably including any EC2 IAM roles available via instance metadata.
--kube-api-burst int the maximum burst queries-per-second of requests sent to the Kubernetes apiserver (default 50)
Expand Down
3 changes: 2 additions & 1 deletion content/docs/cli/webhook.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,8 @@ Flags:
AllBeta=true|false (BETA - default=false)
DisallowInsecureCSRUsageDefinition=true|false (BETA - default=true)
LiteralCertificateSubject=true|false (ALPHA - default=false)
UseCertificateRequestNameConstraints=true|false (ALPHA - default=false)
NameConstraints=true|false (ALPHA - default=false)
OtherNames=true|false (ALPHA - default=false)
--healthz-port int32 port number to listen on for insecure healthz connections (default 6080)
-h, --help help for webhook
--kubeconfig string optional path to the kubeconfig used to connect to the apiserver. If not specified, in-cluster-config will be used
Expand Down
2 changes: 2 additions & 0 deletions content/docs/installation/configuring-components.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,7 @@ featureGates:
ServerSideApply: true
LiteralCertificateSubject: true
UseCertificateRequestBasicConstraints: true
OtherNames: true
```

> **Note:** This is included as an example only and not intended to be used as default settings.
Expand All @@ -76,6 +77,7 @@ healthzPort: 6080
featureGates:
AdditionalCertificateOutputFormats: true
LiteralCertificateSubject: true
OtherNames: true
```

> **Note:** This is included as an example only and not intended to be used as default settings.
Expand Down
Loading