New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enable bindata #229
Enable bindata #229
Conversation
a34101b
to
d5e1ab3
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please mark the highlighted volumes as non-optional and move the auto-generated content to a separate commit, otherwise LGTM!
d5e1ab3
to
90410a5
Compare
if [ -s | ||
/var/config/system/configmaps/v4-0-config-system-trusted-ca-bundle/ca-bundle.crt | ||
]; then |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This condition might be easier to read if it's just one line
fi | ||
exec oauth-server osinserver | ||
--config=/var/config/system/configmaps/v4-0-config-system-cliconfig/v4-0-config-system-cliconfig | ||
--v=${LOG_LEVEL} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These line get squashed in the real deployment so that the args look like this:
if [ -s /var/config/system/configmaps/v4-0-config-system-trusted-ca-bundle/ca-bundle.crt ]; then
echo "Copying system trust bundle"
cp -f /var/config/system/configmaps/v4-0-config-system-trusted-ca-bundle/ca-bundle.crt /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
fi exec oauth-server osinserver --config=/var/config/system/configmaps/v4-0-config-system-cliconfig/v4-0-config-system-cliconfig --v=2
As @soltysh pointed out earlier in his yaml-multiline findings, you may want to start with
args:
- |
which is supposed to keep the newlines.
See https://yaml-multiline.info/ which is quite helpful
You'll have to add backslashes before each line ending in the exec
part I think
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@stlaz what do you think of running the "copy system bundle" part in an init container? Then the cmd/args for this container will be more maintainable?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Wouldn't you need a volume for such a change to persist?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, I think an EmptyDir volume would do as this is the only file expected in the target directory. But I'll leave that for another day since this is working as is.
555198d
to
93537e2
Compare
/retest |
/test e2e-aws |
- name: v4-0-config-system-session | ||
secret: | ||
secretName: v4-0-config-system-session | ||
defaultMode: 420 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this looks suspicious/wrong. Aren't these supposed to be octal?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
420 decimal == 0644 octal, which is the default anyway, so I have removed these lines.
I'm glad to see this kind of a change /approve |
93537e2
to
1be184d
Compare
/test e2e-aws |
2 similar comments
/test e2e-aws |
/test e2e-aws |
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: deads2k, mfojtik, sanchezl The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Use bindata (instead of inline code) to create the oauth-openshift deployment.