Open ytimocin opened 5 months ago
:wave: @ytimocin Thanks for filing this issue.
A project maintainer will review this issue and get back to you soon.
We also welcome community contributions! If you would like to pick this item up sooner and submit a pull request, please visit our contribution guidelines and assign this to yourself by commenting "/assign" on this issue.
For more information on our triage process please visit our triage overview
We can add breakingchange section in the next release note for upgrade scenario. Making it right earlier is better than later. cc/ @AaronCrawfis @rynowak
We can add breakingchange section in the next release note for upgrade scenario. Making it right earlier is better than later. cc/ @AaronCrawfis @rynowak
Sounds good. I can create a PR for this once we have the consensus.
Does this behave differently?
Does this behave differently?
In terms of behavior, kubernetes.io/tls
secrets are automatically used by Kubernetes components that manage TLS communications. But, I think, in our case, because we pass the secret to the caBundle, it doesn't matter if the secret is of type Opaque or kubernetes.io/tls. Because Kubernetes components will automatically look at this property and will not do anything different if the type of the Secret is Opaque or something else. Please correct me if I am wrong @youngbupark.
For Radius users; if there is an existing installation and if the user does reinstall
, reinstall
can't find the Opaque secret and throws an error. So it is a breaking change.
I'd agree with @youngbupark that we can do it sooner rather than later.
:+1: We've reviewed this issue and have agreed to add it to our backlog. Please subscribe to this issue for notifications, we'll provide updates when we pick it up.
We also welcome community contributions! If you would like to pick this item up sooner and submit a pull request, please visit our contribution guidelines and assign this to yourself by commenting "/assign" on this issue.
For more information on our triage process please visit our triage overview
Area for Improvement
This is to improve our Helm charts by making the types of our cert secrets
kubernetes.io/tls
.Observed behavior
There is no type in our secrets as of now and that makes the types of these secrets
Opaque
.Desired behavior
These secrets are holding certificate details and can be typed as
kubernetes.io/tls
.Proposed Fix
Add the type
kubernetes.io/tls
to the secrets.rad Version
RELEASE VERSION BICEP COMMIT 0.29.0 v0.29.0 0.29.0 6abd7bfc3de0e748a2c34b721d95097afb6a2bba
Operating system
macOS, Apple Chip, Sonoma 14.2.1
Additional context
Would you like to support us?
AB#10890