@feczo
Last active May 20, 2020 15:45

Start by deleting the environment repos from GitHub to start from scratch.

The names are defined in jx-requirements.yml; list them with:

echo $(grep repository jx-requirements.yml | cut -f 2 -d ":")

or better:

cat jx-requirements.yml | yq ".environments[].repository"

https://cert-manager.io/docs/configuration/acme/dns01/google/

kubectl create namespace jx
kubectl create secret generic clouddns-admin --from-file=credentials.json -n jx

GKE version: 1.15.11-gke.13

gcloud container clusters get-credentials $PROJECT --zone $ZONE --project $PROJECT
kubectl create namespace tekton-pipelines
kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml
sed -i "s/external-dns-gcp-sa/clouddns-admin/g" ./jenkins-x-boot-config/systems/acme/templates/cert-manager-prod-issuer.yaml

jx boot

correct service account name and domain list in:

kubectl edit issuer letsencrypt-prod

correct the subdomain in kubectl edit certificate

check that the challenge is in progress:

kubectl get challenges -o yaml

e.g. reason: 'Waiting for dns-01 challenge propagation: DNS record for ...

finally:

kubectl get secrets tls-sierraforce-com-p -o yaml

check the cert:

kubectl get secrets $(kubectl get certificates -o yaml | yq '.items[0].spec.secretName' | sed -e 's/"//g') -o yaml | yq '.data["tls.crt"]'

dial down cpu requested (180->80) on

kubectl edit deployment jenkins-x-heapster -n jx

Error creating: pods "exdns-external-dns-d88b689d7-" is forbidden: error looking up service account jx/exdns-external-dns: serviceaccount "exdns-external-dns" not found

probably defined in kubeProviders/eks/templates/irsa.tmpl.yaml

replace secret name with clouddns-admin in:

kubectl edit serviceaccount exdns-external-dns

replace service account name and secretName in:

kubectl edit deployment exdns-external-dns -n jx

check the DNS entries on gcloud:

gcloud dns record-sets list --zone "jx-sierra"

delete TXT records without A records to let the sync happen again
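
To find the TXT records that have no A record, the listing can be filtered instead of read by eye. This is an added example, not part of the original notes; it assumes the TXT record has the same name as its A record, and the example.com names are constructed placeholders. It only lists candidates and deletes nothing.

```shell
# List TXT record names that have no A record of the same name.
# Input (stdin): "name<TAB>type" lines, e.g. from
#   gcloud dns record-sets list --zone "jx-sierra" --format="value(name,type)"
# _acme-challenge.* TXT records are skipped: they belong to cert-manager's
# dns-01 challenge, never have an A record, and must stay in place while
# a challenge is still propagating.
orphan_txt() {
  awk '
    $2 == "A"   { has_a[$1] = 1 }
    $2 == "TXT" { txt[$1] = 1 }
    END {
      for (n in txt)
        if (!(n in has_a) && n !~ /^_acme-challenge\./)
          print n
    }' | sort
}

# Constructed sample input (hypothetical names, not from a real zone).
sample_records() {
  printf '%s\t%s\n' \
    'example.com.' 'NS' \
    'hook.jx.example.com.' 'A' \
    'hook.jx.example.com.' 'TXT' \
    'nexus.jx.example.com.' 'TXT' \
    '_acme-challenge.jx.example.com.' 'TXT' \
    'chartmuseum.jx.example.com.' 'TXT'
}

# Prints the two TXT names that have no matching A record.
sample_records | orphan_txt
```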

NOTE: deprecation
