-
Notifications
You must be signed in to change notification settings - Fork 1
Move to go webhooks #90
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: main
Are you sure you want to change the base?
Conversation
Signed-off-by: Nikolay Demchuk <[email protected]>
Signed-off-by: Nikolay Demchuk <[email protected]>
Signed-off-by: Nikolay Demchuk <[email protected]>
Signed-off-by: Nikolay Demchuk <[email protected]>
Signed-off-by: Nikolay Demchuk <[email protected]>
Signed-off-by: Nikolay Demchuk <[email protected]>
Signed-off-by: Nikolay Demchuk <[email protected]>
Signed-off-by: Nikolay Demchuk <[email protected]>
Signed-off-by: Nikolay Demchuk <[email protected]>
Signed-off-by: Nikolay Demchuk <[email protected]>
Signed-off-by: Nikolay Demchuk <[email protected]>
Signed-off-by: Nikolay Demchuk <[email protected]>
Signed-off-by: Nikolay Demchuk <[email protected]>
Signed-off-by: Nikolay Demchuk <[email protected]>
Signed-off-by: Aleksandr Stefurishin <[email protected]>
Signed-off-by: Aleksandr Stefurishin <[email protected]>
Signed-off-by: Aleksandr Stefurishin <[email protected]>
Signed-off-by: Aleksandr Stefurishin <[email protected]>
Signed-off-by: Aleksandr Stefurishin <[email protected]>
Signed-off-by: Nikolay Demchuk <[email protected]>
Signed-off-by: Nikolay Demchuk <[email protected]>
Signed-off-by: Nikolay Demchuk <[email protected]>
Signed-off-by: Nikolay Demchuk <[email protected]>
Signed-off-by: Nikolay Demchuk <[email protected]>
Signed-off-by: Nikolay Demchuk <[email protected]>
tlscertificate.GenSelfSignedTLSHookConf{ | ||
CN: "csi-nfs-scheduler-extender", | ||
Namespace: ModuleNamespace, | ||
TLSSecretName: "csi-nfs-scheduler-extender-https-certs", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Secret name in python code is scheduler-extender-https-certs
@@ -0,0 +1,254 @@ | |||
/* |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Below code is a modified version of module-sdk, which was added to sds-replicated-volume, because we have several certificates with a common CA there. Since you have only one CA in your case, it should be enough to use what module-sdk already have, it will be much simpler.
- See
020-webhook-certs
or https://github.com/deckhouse/sds-local-volume/blob/main/hooks/go/020-webhook-certs/webhook-certs.go as an example. - Remove
hooks/go/tls-certificate/
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Tried rewriting, caught Helm error
run helm install: check helm values: 3 errors occurred:
* csiNfs.internal.customSchedulerExtenderCert.crt is required
* csiNfs.internal.customSchedulerExtenderCert.key is required
* csiNfs.internal.customSchedulerExtenderCert.ca is required
My point here is to put certificate generaton via module sdk as a different task and bring it to a uniform format across all our relevant modules
Signed-off-by: Nikolay Demchuk <[email protected]>
Signed-off-by: Nikolay Demchuk <[email protected]>
Signed-off-by: Nikolay Demchuk <[email protected]>
Signed-off-by: Nikolay Demchuk <[email protected]>
Signed-off-by: Nikolay Demchuk <[email protected]>
Signed-off-by: Nikolay Demchuk <[email protected]>
Description
Ensure webhooks are up-to-date, rewrite several python-based webhooks to golang
Why do we need it, and what problem does it solve?
What is the expected result?
Checklist