Bug 1876091: Render bootstrap certificates #412
Conversation
openshift-ci-robot
added
the
do-not-merge/work-in-progress
openshift-ci-robot
added
the
approved
ironcladlou
force-pushed
the
render-certs
branch
from
2f21ff9
to
f360461
Compare
|
/retest |
|
/retest |
Render bootstrap certificates During render, generate the certificates necessary for the bootstrap member. Update the bootstrap pod to use the rendered certificates. After this change, the existing asynchronous client/server based bootstrap certificate generation mechanism should be deleted.
ironcladlou
changed the title
openshift-ci-robot
removed
the
do-not-merge/work-in-progress
|
e2e should be a sufficient test here — the updated bootstrap member pod no longer refers to the certificates generated by the existing kubecsr process, so if we pivot it means our rendered certs were good enough to get us past bootstrap and the installer bits can be deleted (openshift/installer#3995) and additional refactoring can proceed. |
ironcladlou
force-pushed
the
render-certs
branch
from
30a7b3d
to
4685c37
Compare
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: hexfusion, ironcladlou The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
The cluster-etcd-operator render command now handles bootstrap certificate generation[1]. This patch deletes the now unused client/server bootstrap etcd cert generation logic. [1] openshift/cluster-etcd-operator#412
The cluster-etcd-operator render command now handles bootstrap certificate generation[1]. This patch deletes the now unused client/server bootstrap etcd cert generation logic. [1] openshift/cluster-etcd-operator#412
The cluster-etcd-operator render command now handles bootstrap certificate generation[1]. This patch deletes the now unused client/server bootstrap etcd cert generation logic. [1] openshift/cluster-etcd-operator#412
|
/retitle Bug 1876091: Render bootstrap certificates |
openshift-ci-robot
changed the title
|
@ironcladlou: Bugzilla bug 1876091 is in an unrecognized state (ON_QA) and will not be moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
The cluster-etcd-operator render command now handles bootstrap certificate generation[1]. This patch deletes the now unused client/server bootstrap etcd cert generation logic. [1] openshift/cluster-etcd-operator#412
During render, generate the certificates necessary for the bootstrap member.
Update the bootstrap pod to use the rendered certificates.
After this change, the existing asynchronous client/server based bootstrap
certificate generation mechanism should be deleted.
Extracted from @markmc's work in #410.