-
Notifications
You must be signed in to change notification settings - Fork 127
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bug 1882176: Validate certs for the current IP address of the node #461
Bug 1882176: Validate certs for the current IP address of the node #461
Conversation
@retroflexer: This pull request references Bugzilla bug 1882176, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
dbbf87c
to
4a4dfe6
Compare
/retest |
1 similar comment
/retest |
5cbda40
to
718966e
Compare
/bugzilla refresh |
@retroflexer: This pull request references Bugzilla bug 1882176, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker. 3 validation(s) were run on this bug
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
718966e
to
b7de11e
Compare
/retest |
b7de11e
to
cd2a644
Compare
@retroflexer: The following tests failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
/test e2e-upgrade |
6e414e4
to
c116df3
Compare
/hold cancel |
/test verify |
/retest |
/test e2e-agnostic |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@retroflexer looks good a few optional things to look at here. I can tag when you are ready.
/approve
pkg/operator/etcdendpointscontroller/etcdendpointscontroller_test.go
Outdated
Show resolved
Hide resolved
9f13370
to
2d32a71
Compare
/lgtm |
2d32a71
to
854a62e
Compare
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: hexfusion, retroflexer The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/retest Please review the full test history for this PR and help us cut down flakes. |
3 similar comments
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
@retroflexer: All pull requests linked via external trackers have merged: Bugzilla bug 1882176 has been moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Currently cluster-etcd-operator only checks the existence of the certificates, but doesn't verify the SAN configured in the certs against the current node IP address (hostname).
This PR fixes the problem by parsing the certificate to validate the SAN. If there is a SAN mismatch, it generates a new set of certificates.