-
Notifications
You must be signed in to change notification settings - Fork 805
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Set certificate.spec.privateKey.rotationPolicy on Certificates #3325
Conversation
Signed-off-by: Morten Mjelva <morten.mjelva@gmail.com>
[REVIEW NOTIFICATION] This pull request has been approved by:
To complete the pull request process, please ask the reviewers in the list to review by filling The full list of commands accepted by this bot can be found here. Reviewer can indicate their review by submitting an approval review. |
Welcome @mortenmj! |
Signed-off-by: Morten Mjelva <morten.mjelva@gmail.com>
Welcome @mortenmj , thanks for your contribution! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
/merge |
This pull request has been accepted and is ready to merge. Commit hash: 8ddcf34
|
What problem does this PR solve?
As of cert-manager version 1.8, the field spec.privateKey.rotationPolicy on Certificate objects is validated. Valid values are 'Always' or 'Never'.
See the cert-manager release notes for more information: https://cert-manager.io/docs/release-notes/release-notes-1.8#breaking-changes-you-must-read-this-before-you-upgrade
This will close #3324
What's changed and how it works?
This adds the following to the four Certificates created by chaos-mesh:
Related changes
chaos-mesh/website
Dashboard UI
Checklist
CHANGELOG
CHANGELOG.md
Tests
helm template chaos-mesh .
The created Certificates should have a value set for spec.privateKey.rotationPolicy, like this:
Side effects
Looking at older cert-manager API docs, the rotationPolicy property looks like it has been there at least as far back as v1alpha2. As such I don't expect any problems with backwards compatibility.
https://cert-manager.io/v1.1-docs/reference/api-docs/#cert-manager.io/v1alpha2.PrivateKeyRotationPolicy
https://cert-manager.io/v1.1-docs/reference/api-docs/#cert-manager.io/v1alpha3.PrivateKeyRotationPolicy
https://cert-manager.io/v1.1-docs/reference/api-docs/#cert-manager.io/v1beta1.PrivateKeyRotationPolicy