search

deis / router

Edge router for Deis Workflow
https://deis.com
MIT License
80 stars 57 forks source link

Allow arbitrary secret names for certificates #273

Open gerred opened 8 years ago

gerred commented 8 years ago

https://github.com/PalmStoneGames/kube-cert-manager is opinionated in its secret name creation with its TPR, as is Deis in secret name usage for certificates. (append with -cert).

We should support any arbitrary secret name to make compatibility with other community tools easier.

krancour commented 8 years ago

This seems like a good idea.

If I can propose how we'd do this...

My thought is that the annotations on a routable service could reference a secret by name, and the router would use that, if specified. (This would work nicely for people using router without Workflow.) Otherwise, the router would look for the secret using the same naming convention as it does today.

@gerred how does that compare to your own thoughts on this?

gerred commented 8 years ago

@krancour that looks great :+1: I was trying to sort out how to make our convention backwards portable, and I think that does it. I'll try to whip up a PR today.

Would this be under the same annotation key you think?

krancour commented 8 years ago

Would this be under the same annotation key you think?

Not sure what you mean.

I'm imagining a new annotation on a routable service. The value of that annotation, if present, just references the secret by name.

gerred commented 8 years ago

We're on the same page then. I wasn't sure if we were talking about having logic to try to "guess" based on the existing annotation.

krancour commented 8 years ago

Nope. No guessing.

Cryptophobia commented 6 years ago

This issue was moved to teamhephy/router#18