Update API certificate #18
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
loganmc10
force-pushed
the
api
branch
3 times, most recently
from
5415555 to
57128f5
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #5
This allows the user to specify
spec/apiCertRef/{name,namespace}if they have a TLS certificate that they want to use for the API. If they leavespec/apiCertRef, then the Operator will generate a self-signed certificate for them.The Operator will update the
APIServerobject to use the new certificate.It should handle cases where they modify the certificate or delete the CR. If the CR is deleted, the secrets are owned by the CR, so they are also deleted.
There is also a finalizer that will revert the changes to the
APIServerobject, so deleting the CR should put the cluster back to how it was before the CR was created.This should give a good foundation for other work (the Ingress for example).