-
Notifications
You must be signed in to change notification settings - Fork 342
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add diagrams to explain all the "requesting certificates" flows #1289
Conversation
✅ Deploy Preview for cert-manager-website ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
adbd70a
to
83fbd6e
Compare
83fbd6e
to
743ec9c
Compare
743ec9c
to
54fb651
Compare
853b083
to
1be8ac0
Compare
… diagram Signed-off-by: Tim Ramlot <[email protected]>
<div style={{textAlign: "center"}}> | ||
<object data="/images/request-certificate-overview/request-certificate-certificaterequest.svg"></object> | ||
</div> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm unsure about these diagrams. Unless the reader is comfortable with all the terms (CSI driver, etc), I think they won't find any value in looking at the diagram. At best, they will think "huh?", at worst they will feel they are on the wrong page.
What idea are you trying to convey with these diagrams? That they could be using another approach? Or are you reminding them of all the features of cert-manager?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
IMO, this diagram should only show the "resources at play": the CertificateResource + the Secret.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It aims to show you what resources are created by the user & what resources are auto-generated for each of the different paths. (eg. If you annotate an Ingress, that will create a Certificate resource and that Certificate resource will create CertificateRequest resources.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
IMO, this diagram should only show the "resources at play": the Gateway (with the principal annotation that enables the workflow) + the CertificateResource + the Secret. Anything else will confuse people.
Knowing what resources are at play is important since folks will need to know about them almost immediately to debug things.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Knowing what resources are at play is important since folks will need to know about them almost immediately to debug things.
That is my goal for this diagram.
Do you know how we can adapt these diagrams to make that more clear?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would probably only show one box with a Gateway, one box with the CertificateResource, and one box with the Secret. I don't think that "CSI driver" and "Certificate" are useful context here
Signed-off-by: Tim Ramlot <[email protected]>
Thank you for digging into my old diagrams and for fixing them!! The new CR diagrams should also help. /lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: maelvls The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
I split the diagram from https://cert-manager.io/docs/concepts/certificate/ into multiple diagrams and placed them on the different "requesting certificates" pages.