sparse-intern-71089
11/16/2023, 10:48 PMstale-answer-34162
11/17/2023, 2:47 AM// Install Cert-Manager prior to Ingress. Install CRD prior to CM.
const certManagerNamespace = new k8s.core.v1.Namespace(
'cert-manager',
{ metadata: { name: 'cert-manager' } },
{ provider: k8sProvider },
)
const certManager = new k8s.yaml.ConfigFile('certManager', {
file: '<https://github.com/cert-manager/cert-manager/releases/download/v1.13.2/cert-manager.crds.yaml>',
})
export const certManagerRelease = new helm.v3.Release(
'cert-manager',
{
namespace: certManagerNamespace.metadata.name,
chart: 'cert-manager',
repositoryOpts: { repo: '<https://charts.jetstack.io>' },
version: '1.13.2',
atomic: true,
cleanupOnFail: true,
disableOpenapiValidation: false,
values: parseYamlFromFile('charts/cert-manager/cert-manager-op-dev.yml'),
},
{ provider: k8sProvider, dependsOn: certManager },
)
Updating (dev-charts-system)
View in Browser (Ctrl+O): <https://app.pulumi.com/openphone/dev-eks/dev-charts-system/updates/20>
Type Name Status Info
pulumi:pulumi:Stack dev-eks-dev-charts-system **failed** 1 error
+ ├─ kubernetes:<http://helm.sh/v3:Release|helm.sh/v3:Release> cert-manager **creating failed** 1 error
Diagnostics:
pulumi:pulumi:Stack (dev-eks-dev-charts-system):
error: update failed
kubernetes:<http://helm.sh/v3:Release|helm.sh/v3:Release> (cert-manager):
error: rendered manifests contain a resource that already exists. Unable to continue with install: CustomResourceDefinition "<http://certificaterequests.cert-manager.io|certificaterequests.cert-manager.io>" in namespace "" exists and cannot be imported into the current release: invalid ownership metadata; label validation error: missing key "<http://app.kubernetes.io/managed-by|app.kubernetes.io/managed-by>": must be set to "Helm"; annotation validation error: missing key "<http://meta.helm.sh/release-name|meta.helm.sh/release-name>": must be set to "cert-manager-c95039d8"; annotation validation error: missing key "<http://meta.helm.sh/release-namespace|meta.helm.sh/release-namespace>": must be set to "cert-manager"