From 42eab8ab69ce23499b740c3cf1341d0ecb7be98a Mon Sep 17 00:00:00 2001
From: Lance Austin <laustin@datawire.io>
Date: Fri, 26 Jan 2024 08:38:42 -0600
Subject: [PATCH] apiext: pass configured ca namespace to cert manager

The CACertManager ensures the CA Cert is created and managed
and by default it assumes this is done in the emissary-system
namespace.

We missed passing the configured namespace into the CACertManager
so it would fail when users installed the emissary-apiext into
a different namespace than emissary-system.

Signed-off-by: Lance Austin <laustin@datawire.io>
---
 pkg/apiext/server.go | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/pkg/apiext/server.go b/pkg/apiext/server.go
index a634e8a8d8..4aae5c27fa 100644
--- a/pkg/apiext/server.go
+++ b/pkg/apiext/server.go
@@ -147,7 +147,10 @@ func (s *WebhookServer) Run(ctx context.Context, scheme *runtime.Scheme) error {
 	}
 
 	if s.crdPatchMgmtEnabled {
-		caCertMgr := cacertrunnable.NewCACertManager(s.logger, mgr.GetClient())
+		caCertMgr := cacertrunnable.NewCACertManager(s.logger, mgr.GetClient(),
+			cacertrunnable.WithCASecretNamespace(s.caSecretSettings.Namespace),
+			cacertrunnable.WithCASecretName(s.caSecretSettings.Name),
+		)
 		if err := mgr.Add(caCertMgr); err != nil {
 			return err
 		}