[TLS] Support https/http endpoints #303
Conversation
Adds an OverridSpec to the Route which allows to customize metadata.Annotations, metadata.Labels and spec of a route. The override values get merged into the object definition created by the operator. This allows e.g. to add custom labels, configure the route via annotations as in [1], or set TLS parameters. [1] https://docs.openshift.com/container-platform/4.13/networking/routes/route-configuration.html#nw-route-specific-annotations_route-configuration Jira: OSP-21715 Jira: OSP-26299
Allows register https endpoints when certificate is provided via the endpoint override. Depends-On: openstack-k8s-operators#293 Jira: OSP-26299
stuggi
force-pushed
the
tls_public_endpt
branch
4 times, most recently
from
cc12288 to
f408b00
Compare
| // TODO create TLS cert if non provided in override and data.Protocol == ProtocolHTTPS | ||
|
|
There was a problem hiding this comment.
We could allow the user to provide the annotations required for cert-manager since they already have access to routeOverrides via the other piece of work:
#293
Maybe we should preference that if users want TLS rather than implementing our own logic to generate TLS certs?
There was a problem hiding this comment.
We could allow the user to provide the annotations required for cert-manager since they already have access to routeOverrides via the other piece of work: #293
Maybe we should preference that if users want TLS rather than implementing our own logic to generate TLS certs?
sure, for public endpoints (route) a user can overwrite certs for public endpoints via my other PR you mentioned. but for tls-e need to create them based on the cert-manager issuer . I don't think for those it will work well if a user has to provide all the certs.
Allows to pass in TLSConfig settings the the openstackclient for register e.g. endpoints. The config can be a list of CACert's, Insecure parameter and client cert/key. Jira: OSP-26299
No description provided.