forked from openstack-k8s-operators/openstack-operator
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[TLS] TLS for public endpoints terminated at a route
Changes openstacklient * CRD to allows to pass in CA secret * use kolla to run the openstackclient and update the environment CA on start with passed in CA secret to validate endpoint certs. Adds CRD parameters to configure TLS for public and internal TLS. * per default self signed root CA + issuer get created for public and internal certs * public issuer can be provided by the user by referencing a named issuer in the namespace. Then this one is used. * user can provide a CA secret for certs to be added to the combined CA secret the openstack-operator creates to pass into services / openstackclient * refactors the current route create for followup on TLS-E to create certs for each service endpoint. * when TLS for public endpoint is enabled a Cert for the route gets automatically created and added to the route CR. TODO: * adding envtest coverage Jira: OSP-26299 Depends-On: openstack-k8s-operators/lib-common#351 Depends-On: openstack-k8s-operators/keystone-operator#318 Depends-On: openstack-k8s-operators/tcib#82
- Loading branch information
Showing
40 changed files
with
1,143 additions
and
228 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
Oops, something went wrong.