cert manager update #679
cert manager update #679
Conversation
|
Can one of the admins verify this patch? |
| @@ -47,6 +47,14 @@ spec: | |||
| env: | |||
| # *_NAMESPACE and *_NAME environment variables are recognized by onos-lib-go utilities. | |||
| # These variables should always be defined. | |||
| - name: GRPC_GO_LOG_VERBOSITY_LEVEL | |||
There was a problem hiding this comment.
what loggers are these? log levels for onos-config and onos-topo can be controlled from the values in the helm chart.
There was a problem hiding this comment.
I would suggest to remove them to avoid confusion with our loggers.
There was a problem hiding this comment.
added the logs under flag.
badhrinathpa
force-pushed
the
cert-manager
branch
from
6725756
to
d4a177b
Compare
onos-umbrella/Chart.yaml
Outdated
| @@ -17,6 +17,11 @@ maintainers: | |||
| - name: ONOS Support | |||
| email: support@opennetworking.org | |||
| dependencies: | |||
| - name: ca-issuer-charts | |||
| condition: import.ca-issuer.enabled | |||
| #intel-innersource/frameworks.edge.one-intel-edge.maestro-app.roc.rocaas-charts/ca-issuer-charts | |||
There was a problem hiding this comment.
We should remove the intel inner source thing
onos-config/values.yaml
Outdated
| @@ -108,6 +117,12 @@ logging: | |||
| output: | |||
| stdout: | |||
| sink: stdout | |||
| grpc: | |||
There was a problem hiding this comment.
We should not add it here. It should be separate. We use a specific format for internal loggers and grpc stuff is not part of that
onos-config/templates/secret.yaml
Outdated
| namespace: {{.Values.certManager.namespace}} | ||
| spec: | ||
| dnsNames: | ||
| - certs.oie.intel.com |
There was a problem hiding this comment.
Please remove any references to intel stuff.
badhrinathpa
force-pushed
the
cert-manager
branch
2 times, most recently
from
386b6f9
to
328cbc0
Compare
badhrinathpa
force-pushed
the
cert-manager
branch
from
328cbc0
to
e5aa4d5
Compare
badhrinathpa
force-pushed
the
cert-manager
branch
2 times, most recently
from
d5b298d
to
fa604d9
Compare
badhrinathpa
force-pushed
the
cert-manager
branch
from
fa604d9
to
abdf7fd
Compare
updated. |
onos-config/values.yaml
Outdated
| @@ -24,6 +24,22 @@ global: | |||
|
|
|||
| replicaCount: 1 | |||
|
|
|||
| grpc: | |||
There was a problem hiding this comment.
I think this should have logging in it somewhere - you're not enabling grpc
onos-topo/values.yaml
Outdated
| @@ -19,6 +19,22 @@ global: | |||
|
|
|||
| replicaCount: 1 | |||
|
|
|||
| grpc: | |||
There was a problem hiding this comment.
same comment - should include logging
onos-topo/values.yaml
Outdated
| certManager: | ||
| enabled: false | ||
| name: onos-topo-cert | ||
| namespace: rocaas |
onos-topo/templates/secret.yaml
Outdated
| kind: Certificate | ||
| metadata: | ||
| name: {{.Values.certManager.name}} | ||
| namespace: {{.Values.certManager.namespace}} |
There was a problem hiding this comment.
Should be .Release.namespace
onos-config/templates/secret.yaml
Outdated
| kind: Certificate | ||
| metadata: | ||
| name: {{.Values.certManager.name}} | ||
| namespace: {{.Values.certManager.namespace}} |
There was a problem hiding this comment.
should be .Release.namespace
onos-config/values.yaml
Outdated
| certManager: | ||
| enabled: false | ||
| name: onos-config-cert | ||
| namespace: rocaas |
| enabled: false | ||
| name: onos-config-cert | ||
| namespace: rocaas | ||
| secretName: onos-config-secret |
There was a problem hiding this comment.
the actual secrets are getting a generated name like
onos-config-cert-qkppl Opaque 1 25m
onos-topo-cert-x7c5k Opaque 1 25m
and so don't match up with what's here
There was a problem hiding this comment.
this would happen if the cert manager is not used to generate certificate.
badhrinathpa
force-pushed
the
cert-manager
branch
2 times, most recently
from
6af754a
to
1261539
Compare
badhrinathpa
force-pushed
the
cert-manager
branch
from
1261539
to
e9f5666
Compare
badhrinathpa
requested review from
adibrastegarnia
and removed request for
tomikazi and
ray-milkey
|
retest this please |
Adding the closing `{{- end }}`
|
retest this please |
No description provided.