search

kubermatic / operating-system-manager

Operating System Manager is responsible for creating and managing the configuration that are needed to configure worker nodes
Apache License 2.0
36 stars 31 forks source link

Fix support for ca-bundle #399

Closed ahmedwaleedmalik closed 4 months ago

ahmedwaleedmalik commented 4 months ago

What this PR does / why we need it: This PR fixes the ca-bundle flag/support in OSM. This flag is used to override the PKI certs for Kubernetes. Although in our other tools like machine-controller, KubeOne, the functionality is a bit different and this is used to override the CA certs for the host and in-code clients that communicate with external services.

To clear this ambiguity, we have to split it into kubernetes-ca-bundle and host-ca-bundle flags to make it coherent and self-explanatory. The flag ca-bundle has been deprecated and made no-op.

Which issue(s) this PR fixes:

Fixes #235

What type of PR is this?

/kind feature /kind deprecation

Special notes for your reviewer:

Does this PR introduce a user-facing change? Then add your Release Note here:

* Introduce `kubernetes-ca-bundle` and `host-ca-bundle` to propgate custom CA certs to kubernetes worker node and the machine itself, respectively.
* The flag `ca-bundle` has been deprecated and is now no-op. Please use `kubernetes-ca-bundle` or `host-ca-bundle` instead.

Documentation:

NONE
kubermatic-bot commented 4 months ago

LGTM label has been added.

Git tree hash: f5109822da30207a9842a8e00313408cdb92fad5

kubermatic-bot commented 4 months ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: kron4eg

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/kubermatic/operating-system-manager/blob/main/OWNERS)~~ [kron4eg] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
kron4eg commented 1 month ago

/cherrypick release/v1.5

kubermatic-bot commented 1 month ago

@kron4eg: #399 failed to apply on top of branch "release/v1.5":

Applying: Fix support for ca-bundle
Using index info to reconstruct a base tree...
M   cmd/osm-controller/main.go
M   deploy/osps/default/osp-ubuntu.yaml
M   go.mod
M   go.sum
M   pkg/controllers/osc/osc_controller.go
M   pkg/controllers/osc/resources/operating_system_config.go
Falling back to patching base and 3-way merge...
Auto-merging pkg/controllers/osc/resources/operating_system_config.go
Auto-merging pkg/controllers/osc/osc_controller.go
Auto-merging go.sum
CONFLICT (content): Merge conflict in go.sum
Auto-merging go.mod
CONFLICT (content): Merge conflict in go.mod
Auto-merging deploy/osps/default/osp-ubuntu.yaml
Auto-merging cmd/osm-controller/main.go
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
Patch failed at 0001 Fix support for ca-bundle
When you have resolved this problem, run "git am --continue".
If you prefer to skip this patch, run "git am --skip" instead.
To restore the original branch and stop patching, run "git am --abort".
In response to [this](https://github.com/kubermatic/operating-system-manager/pull/399#issuecomment-2361467181): >/cherrypick release/v1.5 Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.