New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bug 1876091: Render bootstrap certificates #412
Bug 1876091: Render bootstrap certificates #412
Conversation
2f21ff9
to
f360461
Compare
/retest |
/retest |
Render bootstrap certificates During render, generate the certificates necessary for the bootstrap member. Update the bootstrap pod to use the rendered certificates. After this change, the existing asynchronous client/server based bootstrap certificate generation mechanism should be deleted.
e2e should be a sufficient test here — the updated bootstrap member pod no longer refers to the certificates generated by the existing kubecsr process, so if we pivot it means our rendered certs were good enough to get us past bootstrap and the installer bits can be deleted (openshift/installer#3995) and additional refactoring can proceed. |
30a7b3d
to
4685c37
Compare
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: hexfusion, ironcladlou The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
The cluster-etcd-operator render command now handles bootstrap certificate generation[1]. This patch deletes the now unused client/server bootstrap etcd cert generation logic. [1] openshift/cluster-etcd-operator#412
The cluster-etcd-operator render command now handles bootstrap certificate generation[1]. This patch deletes the now unused client/server bootstrap etcd cert generation logic. [1] openshift/cluster-etcd-operator#412
The cluster-etcd-operator render command now handles bootstrap certificate generation[1]. This patch deletes the now unused client/server bootstrap etcd cert generation logic. [1] openshift/cluster-etcd-operator#412
/retitle Bug 1876091: Render bootstrap certificates |
@ironcladlou: Bugzilla bug 1876091 is in an unrecognized state (ON_QA) and will not be moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
The cluster-etcd-operator render command now handles bootstrap certificate generation[1]. This patch deletes the now unused client/server bootstrap etcd cert generation logic. [1] openshift/cluster-etcd-operator#412
During render, generate the certificates necessary for the bootstrap member.
Update the bootstrap pod to use the rendered certificates.
After this change, the existing asynchronous client/server based bootstrap
certificate generation mechanism should be deleted.
Extracted from @markmc's work in #410.