Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
STOR-1442: Restart node Pods if webhook-serving-cert changed
The secret `shared-resource-csi-driver-webhook-serving-cert` is bound to the CA cert by annotation `service.beta.openshift.io/serving-cert-secret-name`. This means that if CA cert is rotated, the secret `shared-resource-csi-driver-webhook-serving-cert` will be automatically updated too. This secret keeps TLS cert and key which are used to secure HTTP connection to webhook server which is started by OpenShift Shared Resource CSI Driver. If cert and key are updated, we need to restart CSI driver Pod to re-read new keys. Otherwise, clients coming with new cert won't be able to communicate with the server running with older key/cert.
- Loading branch information