use secretName or certResolver, not both

if a certResolver is used, then the default TLSStore is used instead if the TLS Store is configured and secretName is also set, both will not be effective (!) setting secretName preempts the certResolver from acting. There will never be a release of Traefik that exfiltrates TLS certificate data into Kubernetes secrets and maintains it there, (at least we can hope not) Signed-off-by: Kingdon Barrett <[email protected]>
kingdonb · May 13, 2024 · e8d856b · e8d856b
1 parent fb0d8ab
commit e8d856b
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/apps/routers/talos-dev-webhook/talos-dev-ingressroute.yaml b/apps/routers/talos-dev-webhook/talos-dev-ingressroute.yaml
@@ -31,5 +31,5 @@ spec:
       port: 80
   tls:
     secretName: talos-dev-webhook-tls
-    certResolver: prodresolver
+    # certResolver: prodresolver
     passthrough: false