Open larsks opened 2 months ago
@larsks I never did the vault config for this cluster, I manually added the necessary secrets to start off with so the and it looks like the certs are there:
[tsalawu@tsalawu-thinkpadx1nanogen2 nerc-ocp-beta-test]$ oc get certs -A
NAMESPACE NAME READY SECRET AGE
openshift-config default-api-certificate True default-api-certificate 2d23h
openshift-config default-ingress-certificate True default-ingress-certificate 2d23h
However, I have just realized an issue with the templates as the ingress cert is being placed in the wrong namespace, I will note down to make that change to the templates.
This is another cluster where they will not be doing things in a Gitops fashion so won't be storing there secrets in vault.
Additionally, this cluster will not be ready to hand off until it has GPU nodes attached to it and we are trying to figure out what A100s are available to be attached to this cluster.
@larsks can you please provide an update on this issue?
The ExternalSecrets configuration on the ocp-beta-test cluster is currently degraded:
A side effect of this is that the cluster does not have valid certificates. It's not really ready to hand off to another team yet. I'll try to take a look at this today, since I believe @tssala23 is on PTO.