[rollout-operator] Replace default webhooks.selfSignedCertSecretName with fullname#3990
[rollout-operator] Replace default webhooks.selfSignedCertSecretName with fullname#3990kimxogus wants to merge 4 commits intografana:mainfrom
Conversation
…d use chart's fullname Signed-off-by: tanner <tanner@dunamu.com>
kimxogus
force-pushed
the
feature/remove-default-secret-name
branch
from
5074f2a to
2cb15fb
Compare
dimitarvdimitrov
left a comment
dimitarvdimitrov
left a comment
There was a problem hiding this comment.
I left a couple of small comments
Perhaps my major question would be if this change would require manual upgrade path. If i understand correctly, the rollout operator would just ignore the existing secret and create a new one. There will be an orphaned secret in the namespace, but that shouldn't cause problems. Did i get this right? (it may be worth including these details in the PR description, since we don't have a changelog)
|
I have double checked that we have the correct permissions for this certificate to be re-created. This change looks to be safe, but could we just update the values.yaml and/or README/md.gotmpl with additional documentation explaining that the operator can safely update this value if need be. Is there a specific issue that this generic name is causing? A conflict in the namespace perhaps? |
kimxogus
force-pushed
the
feature/remove-default-secret-name
branch
3 times, most recently
from
a82ad34 to
4a7b3e1
Compare
Signed-off-by: tanner <tanner@dunamu.com>
kimxogus
force-pushed
the
feature/remove-default-secret-name
branch
from
4a7b3e1 to
ad598a6
Compare
|
@tcp13equals2 Sorry, I was too late. I've just applied suggested changes. |
4 participants
Certificate secret's default name
certificateis too general name, so I made it chart's fullname to match with the other resources.Changing cert secret name doesn't break existing installations. It will recreate rollout-operator pod and cert secret will be recreated as well.