-
Notifications
You must be signed in to change notification settings - Fork 33
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for TLS client cert/key in tls_config
#442
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think think this makes sense.
Comments inline.
b807548
to
94fc5ed
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Thanks @simondeziel!
@rbarry82 please let me know if you'd like me to make any changes, thanks! |
e21220e
to
ebe6aa9
Compare
4d4f40b
to
ebe6aa9
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Very sorry for the delay!
In the second pass I noticed two issues that are easy to fix.
4aff893
to
4711109
Compare
Signed-off-by: Simon Deziel <simon.deziel@canonical.com>
Signed-off-by: Simon Deziel <simon.deziel@canonical.com>
…uested Signed-off-by: Simon Deziel <simon.deziel@canonical.com>
Signed-off-by: Simon Deziel <simon.deziel@canonical.com>
Signed-off-by: Simon Deziel <simon.deziel@canonical.com>
Signed-off-by: Simon Deziel <simon.deziel@canonical.com>
0a6d244
to
3622e98
Compare
@sed-i I've integrated your feedback, please let me know if I missed something! Thanks! |
Looks great, thank you! |
@simondeziel the CI was fixed. Do you mind pushing an empty commit to retrigger CI?
|
a1845d1
to
285162f
Compare
Signed-off-by: Simon Deziel <simon.deziel@canonical.com>
Signed-off-by: Simon Deziel <simon.deziel@canonical.com>
285162f
to
50529f8
Compare
@sed-i it seems that "PR / Quality Checks / Integration Tests" is still waiting on something. |
These actually passed, from the looks of it. GH just isn't reporting it. This works in manual testing. Anything still pending @simondeziel ? |
@rbarry82 nope, all done on my side, thanks! |
Context
The prometheus2 machine charm supports injecting a TLS client cert/key to use when scraping a given target.
This PR adds support for TLS client cert/key (
cert_file
/key_file
) to thetls_config
key.Note: the LXD charm uses that feature when related with
prometheus2
and we'd like to keep using it when related withprometheus-k8s
.Release Notes
Support TLS client authentication when scraping metrics.