Closed mrogers950 closed 5 years ago
@mrogers950: The following test failed, say /retest
to rerun them all:
Test name | Commit | Details | Rerun command |
---|---|---|---|
ci/prow/unit | 8d296e33a2a3fc41d62de45ae2741a797cdf4d43 | link | /test unit |
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.
@mrogers950: PR needs rebase.
After the CA rollover, we'll need to trigger an update of all serving certs. To do this, add a CA generation annotation to secrets that holds a generation number of the CA used to issue the cert. When checking for regeneration, check to see if the annotation does not match the current generation. For now the generation number given to controllers is always 1. When we actually perform the CA rollover during operator sync, the controller configurations will be updated with the current CA generation number and we will need to wire it in from the config. @openshift/sig-auth