-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Propagate the status when a Knative Certificate fails to be created #14530
Comments
/assign |
hello @gabo1208 |
Hey @xiangpingjiang they are an internal CR to bridge between Serving and an issuer (like net-certmanager). You should get those certificates if you enable the external-domain-tls feature and install cert-manager, net-certmanager (docs: https://knative.dev/docs/serving/encryption/enabling-automatic-tls-certificate-provisioning/ ) |
Hey @xiangpingjiang I read your question wrong, thought you were asking for docs on how it works, thanks @ReToCode for answering correctly old answer still applies to what I understood hehe: but a clue is always check the reconciler, specifically the file that has the resource name: https://github.com/knative/networking/blob/main/pkg/certificates/reconciler/certificates.go There you can see the creation flow of a certificate, and probably there you can modify its behavior to bubble up underlying resources' status. Also, feel free to ping me over slack to discuss anything :)! |
Hi @gabo1208 , do you means that we should add more conditions such as |
/assign |
Sorry the delay @ckcd I also mean that in some point if a certificate is failing we could bubble down to the routes an error that says (certificate is failing) Also a timeout for it to work the ´add IsFailed´ PR is a good start, but when a certificate fails and you have to check if it's a certificates fault right now is not user friendly (or obvious) to the en user |
@gabo1208 Thanks for your reply! Next I will try to enhance the status propagate when a certificate fails. |
/area networking
/kind good-first-issue
Describe the feature
We need to have the required lifecycle methods to know when a Knative Certificate creation have failed. Right now we just have the Ready condition and in the status we haven't implemented all the commented conditions that allows to check if the Cert has failed or is just
not ready
(https://github.com/knative/networking/blob/main/pkg/apis/networking/v1alpha1/certificate_types.go#L94)This feature is related to: knative/networking#875
The text was updated successfully, but these errors were encountered: