NunoFilipeSantos
commented
5 years ago @dannysauer Please review this PR since the tests are failing, this is not done.
Closed dannysauer closed 5 years ago
NunoFilipeSantos
commented
5 years ago @dannysauer Please review this PR since the tests are failing, this is not done.
dannysauer
commented
5 years ago 🤦♂️ This fails because it changes to using the system cert store for Velum cert validation instead of the SUSE cert. That means it's never going to pass CI until kubic-project/caasp-container-manifests#213 is merged first. I'm not sure why it took several weeks to realize something I told people before I opened the PR... Sigh.
dannysauer
commented
5 years ago The new CI failure happens because teh haproxy config is rendered invalid after a reboot. I didn't test rebooting because, well, why would simply rebooting change stuff? 😕 Whoops. Should be fixed by kubic-project/caasp-container-manifests#224
dannysauer
commented
5 years ago Planning to rebase on master and force-push, as CI is now failing at rebase. :)
dannysauer
commented
5 years ago Squashed commits down in preparation for merge.
All the salt backend changes to make Velum, Dex, and kube-API (the external-facing services) support user-provided Certs (and their corresponding CA).
There is a related PR in kubic-project/caasp-container-manifests#213 which is necessary for this to work properly.
Marked work-in-progress since it's still not completely verified as working.