Closed vinzent closed 1 year ago
I will now build the image and test it on our internal cluster.
@raffaelespazzoli I can confirm, that with this patch applied, the ConfigMap truststore.jks is no more updated on every restart of the cert-utils-operator pods.
can you rebase?
can you rebase?
done.
This requires the keystore-go to be updated to v4 and this requires at least go 1.17. So i've updated to go 1.20 too.
I've added a new test case to check the equality of the JKS after two reconciles. The issues only started to exist, when then ca-bundle.crt contained many certs. So i've included the Mozilla CA list as testdata. Once I remove
keystore.WithOrderedAliases()
, the test fails.Fixes #142