[jaeger-operator] Fix certificate condition in deployment file for #375

[AshutoshNirkhe]

What this PR does

Which issue this PR fixes

(optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format,
will close that issue when PR gets merged)

• fixes Disabling certs creation in v2.32.2 helm chart breaks the jaeger deployment #375

Checklist

• DCO signed
• Commits are GPG signed
• Chart Version bumped
• Title of the PR starts with chart name ([jaeger] or [jaeger-operator])
• README.md has been updated to match version/contain new values

[cpanato]

lgtm

[AshutoshNirkhe]

lgtm

@batazor appreciate if you could have a look too ?

[czomo]

@AshutoshNirkhe Did you tried to deploy it with .certs.certificate.create to off? I guess it will end up with sth like /tmp/k8s-webhook-server/serving-certs/tls.crt: no such file or directoryManager exited non-zero because jaeger operator expect cert under that path.
cert-manager pre-requisite is not without a reason because it is responsible for handling certs for secure connection. You can create certs for your own however they are mandatory to work.

[czomo]

Check out the https://github.com/jaegertracing/helm-charts/tree/main/charts/jaeger-operator#prerequisites for the operator chart and my comment in conversation. In case you don't want to use cert-manager you should create certificate for webhook service in a secret instead.

[AshutoshNirkhe]

@czomo thanks for the explanation. I have already configured it to use webhooks and self-signed issuer/certs now so am good.
Basically it started with if we can disable both webhooks and hence certificates for webhooks.
Like what if I disable both the webhooks ? (https://github.com/jaegertracing/helm-charts/blob/jaeger-operator-2.32.2/charts/jaeger-operator/values.yaml#L22)
Why should I still care about certificates ? So if webhooks are mandatory, shall we get rid off those flags from values file to enable/disable them or update the Readme ?

[czomo]

jaeger-operator can be deployed in multiple ways, that's why there is option to disable specific components.

webhooks in general are integrated part of jaeger because they are responsible for validating jeager resources(validating webhook) or in case of mutating webhooks adding jaeger sidecars. However there are some cases when you want do disable them because of conflicts with other resources. Be carefull about that.
One of the purpose of certs is handling secure connection between service and webhooks, more features will be added in the future.

[AshutoshNirkhe]

Ok so I think its wiser to not disable any of that :) We don't this PR anymore in that case.

[avishefi]

We should be able to disable creating the certificates so people can use their own cert-manager issuers and settings. Is this PR being merged?

[em-le-ts]

Is any update for this PR? We're facing the same issue. Many thanks