Add Support to Configure Leaf Certificate Validity Period in Karmada Operator

[jabellard]

What would you like to be added:
Today, when creating a Karmada instance to be managed by the operator, it's not possible to configure the validity period of the leaf certificates (e.g., API server certificate) generated by the operator. By default, the generated leafs certificates have a validity period of 1 year. This feature request is for providing the ability to configure the validity period of leaf certificates generated by the Karmada operator.

Why is this needed:
At Bloomberg, we're currently building a managed Karmada platform and want to use the Karmada operator to manage the entire lifecycle of managed Karmada instances. To align with organizational security policies and certificate management practices, we would like to have the ability to configure the validity period of the leaf certificates generated by the Karmada operator.

[edited by @RainbowMango ]
Proposal

• Proposal: Add Support to Configure Leaf Certificate Validity Period in Karmada Operator #6176

Iteration Tasks

• Feature implementation (@jabellard, Add Support to Configure Leaf Certificate Validity Period in Karmada Operator #6193)
• Feature documentation
• Test protection

[jabellard]

@RainbowMango , I just submitted a proposal for this.

[RainbowMango]

OK. I'll take a look.