Open shan100github opened 3 months ago
There was #1713 which could solve this but it got stale and was untested
yeah, something similar to that. At present, I have used "helm template" to generate TLS certs and replace them in the environment. It made Harbor environment usable.
Alternatively, it might be a better idea for users to set internalTLS.certSource
to be manual
or secret
with a given formalized certs configuring a specified expiration time in their production environment.
This issue is being marked stale due to a period of inactivity. If this issue is still relevant, please comment or remove the stale label. Otherwise, this issue will close in 30 days.
Issue
After a year of harbor deployment, internal TLS expired & pods started failing
Solution
It will be nicer if we have a job to renew all internal TLS certs can be regenerated.
I look forward to other suggestions and opinions.