Bug 1870514: Configuring custom certificate for default console route #459
Conversation
openshift-ci-robot
added
the
bugzilla/severity-urgent
|
@jhadvig: This pull request references Bugzilla bug 1870514, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker. 3 validation(s) were run on this bug
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
openshift-ci-robot
added
the
bugzilla/valid-bug
openshift-ci-robot
added
the
approved
|
/test e2e-aws-operator |
1 similar comment
|
/test e2e-aws-operator |
|
/test e2e-gcp-upgrade |
|
/test e2e-gcp-upgrade |
| @@ -224,6 +233,24 @@ func (c *RouteSyncController) SyncCustomRoute(operatorConfig *operatorsv1.Consol | |||
| return customRoute, "", customRouteError | |||
| } | |||
|
|
|||
| func (c *RouteSyncController) ValidateDefaultRouteConfig(operatorConfig *operatorsv1.Console) (*corev1.Secret, error) { | |||
There was a problem hiding this comment.
Maybe GetDefaultRouteTLSConfig. This isn't really validating anything just returning config, specifically TLS config.
| requiredDefaultRoute := routesub.DefaultRoute(operatorConfig) | ||
| customTLSSecret, configErr := c.ValidateDefaultRouteConfig(operatorConfig) | ||
| if configErr != nil { | ||
| return nil, "InvalidDefaultRouteConfig", configErr |
There was a problem hiding this comment.
It's not necessarily invalid. It means we couldn't get the secret, right? It be that the name is wrong, but it could be due to other errors as well?
| } | ||
| return secret, nil | ||
| } | ||
|
|
||
| func (c *RouteSyncController) ValidateCustomRouteConfig(operatorConfig *operatorsv1.Console) (*corev1.Secret, error) { |
There was a problem hiding this comment.
Existing code, but this method is overloaded. It both gets and validates, which makes it harder to understand. We can leave this for now, but we might want to break this up into separate methods that each do one thing in the future.
|
/test e2e-aws-operator |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: jhadvig, spadgett The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
4 similar comments
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
@jhadvig: All pull requests linked via external trackers have merged: Bugzilla bug 1870514 has been moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/cherry-pick release-4.5 |
|
@jhadvig: new pull request created: #465 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
When cluster user wants to define custom TLS secret for the default route he should just define the secret's name in the console-operator config. The issue is that we cannot have two routes(default, custom) with the same hostname.
I thing we should update the API comment with this use-case.
Also we should probably backport this fix to 4.5
/assign @spadgett