Skip to content

Comments

Fix cert-manager certificate ownership conflict for multi-ingress overlay#96

Merged
bwalsh merged 2 commits intofeature/ingressfrom
copilot/sub-pr-92-again
Nov 25, 2025
Merged

Fix cert-manager certificate ownership conflict for multi-ingress overlay#96
bwalsh merged 2 commits intofeature/ingressfrom
copilot/sub-pr-92-again

Conversation

Copy link
Contributor

Copilot AI commented Nov 25, 2025
edited
Loading

Multiple Ingress resources with cert-manager.io/cluster-issuer annotation on the same TLS secret causes cert-manager to reject updates with "certificate resource is not owned by this object" error.

Changes

  • Template: Only add cluster-issuer annotation to routes with primary: true flag
  • Values: Mark workflows route as primary by default
  • Docs: Document TLS certificate ownership pattern in README and user guide

Usage

ingressAuthzOverlay:
  routes:
    workflows:
      primary: true   # Only this route gets cert-manager.io/cluster-issuer annotation
    applications:
      enabled: true   # References TLS secret but doesn't trigger cert creation

To change the primary route:

routes:
  workflows:
    primary: false
  api:
    primary: true

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

Copilot AI mentioned this pull request Nov 25, 2025
Merged
@bwalsh
Fix cert-manager certificate ownership conflict by using primary rout…
b33f9de 
…e flag

Co-authored-by: bwalsh <47808+bwalsh@users.noreply.github.com>
Copilot AI changed the title [WIP] Add Authz-aware ingress overlay for multi-tenant UIs and APIs Fix cert-manager certificate ownership conflict for multi-ingress overlay Nov 25, 2025
Copilot AI requested a review from bwalsh November 25, 2025 04:35
@bwalsh bwalsh marked this pull request as ready for review November 25, 2025 04:40
@bwalsh bwalsh merged commit 367efe0 into feature/ingress Nov 25, 2025
@bwalsh bwalsh deleted the copilot/sub-pr-92-again branch November 25, 2025 04:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bwalsh bwalsh Awaiting requested review from bwalsh

Assignees

@bwalsh bwalsh

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bwalsh