Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Read self-signed certiicate from dedicated secret #17044

Merged
merged 1 commit into from
Jun 15, 2020
Merged

Read self-signed certiicate from dedicated secret #17044

merged 1 commit into from
Jun 15, 2020

Conversation

mmorhun
Copy link
Contributor

@mmorhun mmorhun commented May 29, 2020
edited
Loading

Signed-off-by: Mykola Morhun [email protected]

What does this PR do?

Makes self-signed-certificate secret the source of Che server CA certificate. This is done to be consistent with other installers. Also such approach make autodetection of self-signed certificate usage easier.

What issues does this PR fix or reference?

Issue: #16764
Should be merged together with che-incubator/chectl#734

@mmorhun mmorhun requested review from l0rd and nickboldt as code owners May 29, 2020 07:09
@mmorhun mmorhun self-assigned this May 29, 2020
@che-bot che-bot added status/code-review This issue has a pull request posted for it and is awaiting code review completion by the community. kind/task Internal things, technical debt, and to-do tasks to be performed. labels May 29, 2020
tolusha
tolusha reviewed May 29, 2020
View reviewed changes
deploy/kubernetes/helm/che/templates/deployment.yaml
@@ -100,7 +100,7 @@ spec:
valueFrom:
secretKeyRef:
key: ca.crt
name: {{ .Values.global.tls.secretName }}
name: {{ .Values.global.tls.selfSignedCertSecretName }}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is not good to change the value name.
Somebody might use it

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No, I didn't change the name. This change just says: "Read ca.crt from selfSignedCertSecretName secret instead of secretName secret". Names are unchanged.

@che-bot
Copy link
Contributor

che-bot commented May 29, 2020

✅ E2E Happy path tests succeed 🎉

See Details

Tested with Eclipse Che Multiuser User on K8S (minikube v1.1.1)

@tolusha tolusha mentioned this pull request May 29, 2020
Closed
56 tasks
@mmorhun mmorhun mentioned this pull request May 29, 2020
Merged
@tolusha tolusha mentioned this pull request Jun 1, 2020
Closed
34 tasks
@mmorhun mmorhun merged commit 307a780 into master Jun 15, 2020
@mmorhun mmorhun deleted the che-16764 branch June 15, 2020 14:30
@che-bot che-bot removed the status/code-review This issue has a pull request posted for it and is awaiting code review completion by the community. label Jun 15, 2020
mmorhun added a commit that referenced this pull request Jun 16, 2020
@mmorhun
Read self-signed certiicate from dedicated secret (to be consistent w…
6ae2c66 
…ith operator installer) (#17044)

Signed-off-by: Mykola Morhun <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AndrienkoAleksandr AndrienkoAleksandr AndrienkoAleksandr approved these changes

@tolusha tolusha tolusha approved these changes

@sleshchenko sleshchenko Awaiting requested review from sleshchenko

@l0rd l0rd Awaiting requested review from l0rd

@nickboldt nickboldt Awaiting requested review from nickboldt

Assignees

@mmorhun mmorhun

Labels
kind/task Internal things, technical debt, and to-do tasks to be performed.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@mmorhun @che-bot @tolusha @AndrienkoAleksandr