From b7affe38d9eebf2c47004c8af2ba77affb43c6cd Mon Sep 17 00:00:00 2001
From: Alpha
Date: Fri, 30 Aug 2019 13:10:46 +0800
Subject: [PATCH] Update dns-validation.rst Update the dns01 setting to 0.8+ https://docs.cert-manager.io/en/latest/tasks/upgrading/upgrading-0.7-0.8.html
Signed-off-by: alpha.wong
code cleanup
Signed-off-by: ck.wong
Update dns-validation.rst
Signed-off-by: alpha.wong
UPT: http validation for issue #2039
Signed-off-by: alpha.wong
UPT: certificate.spec.acme
Signed-off-by: ck.wong
FIX: missing selector
Signed-off-by: alpha.wong
fixup! UPT: certificate.spec.acme
Signed-off-by: alpha.wong
---
docs/tutorials/acme/dns-validation.rst | 56 ++++++++++++-------------
docs/tutorials/acme/http-validation.rst | 17 +++-----
2 files changed, 32 insertions(+), 41 deletions(-)
diff --git a/docs/tutorials/acme/dns-validation.rst b/docs/tutorials/acme/dns-validation.rst
index 23ff6863c..a9d9175bd 100644
--- a/docs/tutorials/acme/dns-validation.rst
+++ b/docs/tutorials/acme/dns-validation.rst
@@ -36,27 +36,34 @@ You can read more about the Issuer resource in the :doc:`Issuer reference docs < name: letsencrypt-staging # ACME DNS-01 provider configurations - dns01: + solvers: + # An empty 'selector' means that this solver matches all domains + - selector: {} + dns01: + clouddns: + # The ID of the GCP project + # reference: https://docs.cert-manager.io/en/latest/tasks/issuers/setup-acme/dns01/google.html + project: $PROJECT_ID + # This is the secret used to access the service account + serviceAccountSecretRef: + name: clouddns-dns01-solver-svc-acct + key: key.json - # Here we define a list of DNS-01 providers that can solve DNS challenges - providers: + # We only use cloudflare to solve challenges for foo.com. + # Alternative options such as 'matchLabels' and 'dnsZones' can be specified + # as part of a solver's selector too. + - selector: + dnsNames: + - foo.com + dns01: + cloudflare: + email: my-cloudflare-acc@example.com + # !! Remember to create a k8s secret before + # kubectl create secret generic cloudflare-api-key + apiKeySecretRef: + name: cloudflare-api-key-secret + key: api-key - - name: prod-dns - clouddns: - # A secretKeyRef to a google cloud json service account - serviceAccountSecretRef: - name: clouddns-service-account - key: service-account.json - # The project in which to update the DNS zone - project: gcloud-prod-project - - - name: cf-dns - cloudflare: - email: user@example.com - # A secretKeyRef to a cloudflare api key - apiKeySecretRef: - name: cloudflare-api-key - key: api-key.txt We have specified the ACME server URL for Let's Encrypt's `staging environment`_. The staging environment will not issue trusted certificates but is used to 
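Review bot: The comment above `apiKeySecretRef` in the cloudflare solver tells the reader to run `kubectl create secret generic cloudflare-api-key`, but the reference that follows is `name: cloudflare-api-key-secret` with `key: api-key`, so following the comment creates a Secret the Issuer never reads and the DNS-01 challenge cannot authenticate. I would make the comment match the reference, e.g. `# Create it first: kubectl create secret generic cloudflare-api-key-secret --from-literal=api-key=<YOUR_API_KEY>`. `project: $PROJECT_ID` is likewise a placeholder that is not expanded when the manifest is applied as-is, so a comment such as `# replace with your GCP project ID` would avoid a misconfigured solver. Both referenced Secrets hold credentials that can rewrite DNS records, so the tutorial should say to scope them to the zones being validated. The Issuer manifest starts and ends outside this hunk.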
@@ -99,17 +106,6 @@ Once we have created the above Issuer we can use it to obtain a certificate. dnsNames: - example.com - foo.com - acme: - config: - - dns01: - provider: prod-dns - domains: - - '*.example.com' - - example.com - - dns01: - provider: cf-dns - domains: - - foo.com The Certificate resource describes our desired certificate and the possible methods that can be used to obtain it. diff --git a/docs/tutorials/acme/http-validation.rst b/docs/tutorials/acme/http-validation.rst index 4ce738f44..764cc412c 100644 --- a/docs/tutorials/acme/http-validation.rst +++ b/docs/tutorials/acme/http-validation.rst @@ -33,7 +33,12 @@ You can read more about the Issuer resource in the :doc:`Issuer reference docs < privateKeySecretRef: name: letsencrypt-staging # Enable the HTTP-01 challenge provider - http01: {} + solvers: + # An empty 'selector' means that this solver matches all domains + - selector: {} + http01 + ingress: + class: nginx We have specified the ACME server URL for Let's Encrypt's `staging environment`_. The staging environment will not issue trusted certificates but is used to @@ -72,16 +77,6 @@ Once we have created the above Issuer we can use it to obtain a certificate. commonName: example.com dnsNames: - www.example.com - acme: - config: - - http01: - ingressClass: nginx - domains: - - example.com - - http01: - ingress: my-ingress - domains: - - www.example.com The Certificate resource describes our desired certificate and the possible methods that can be used to obtain it. You can learn more about the Certificate
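Review bot: In the `@@ -33,7 +33,12 @@` hunk of http-validation.rst the added `http01` line has no trailing colon, so `ingress:` and `class: nginx` are not nested under the solver and the example Issuer will not parse as intended; it should read `http01:`. Readers copy these snippets verbatim, so the typo leaves them without a working HTTP-01 solver. The deletion-only hunk that follows removes a per-certificate config that used both `ingressClass: nginx` and `ingress: my-ingress`, while the new Issuer shows only the class-based case under `selector: {}`. A one-line comment noting that further solvers with narrower selectors can be added would keep that case documented. The Issuer manifest starts and ends outside the hunk.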