Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Do not create wildcard certs when autoTLS is disabled #5636

Merged
merged 2 commits into from
Sep 24, 2019
Merged

Do not create wildcard certs when autoTLS is disabled #5636

merged 2 commits into from
Sep 24, 2019

Conversation

nak3
Copy link
Contributor

@nak3 nak3 commented Sep 22, 2019
edited
Loading

Proposed Changes

Currently nscert tries to create wildcard certs even though
cert-manager is not setup and cert-manger is not setup. Due to that, we
always get cert creation error when creating a new namespace.

To fix it, this patch changes to stop creating wildcard certs when
autoTLS is disabled.

/lint

Fixes #5635

Release Note

nscert does not create wildcard cert when autoTLS is disabled.

/cc @rmoe @ZhiminXiang @tcnghia

@knative-prow-robot
Copy link
Contributor

@nak3: GitHub didn't allow me to request PR reviews from the following users: rmoe.

Note that only knative members and repo collaborators can review this PR, and authors cannot review their own PRs.

In response to this:

Proposed Changes

cert-manager is not setup and cert-manger is not setup. Due to that, we
always get cert creation error whenever creating a new namespace.

To fix it, this patch changes to stop creating wildcard certs when
autoTLS is disabled.

/lint

Fixes #5635

Release Note

nscert does not create wildcard cert when autoTLS is disabled.

/cc @rmoe @ZhiminXiang @tcnghia

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@googlebot googlebot added the cla: yes Indicates the PR's author has signed the CLA. label Sep 22, 2019
@knative-prow-robot knative-prow-robot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Sep 22, 2019
knative-prow-robot
knative-prow-robot reviewed Sep 22, 2019
View reviewed changes
Copy link
Contributor

@knative-prow-robot knative-prow-robot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@nak3: 0 warnings.

In response to this:

Proposed Changes

cert-manager is not setup and cert-manger is not setup. Due to that, we
always get cert creation error whenever creating a new namespace.

To fix it, this patch changes to stop creating wildcard certs when
autoTLS is disabled.

/lint

Fixes #5635

Release Note

nscert does not create wildcard cert when autoTLS is disabled.

/cc @rmoe @ZhiminXiang @tcnghia

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@knative-prow-robot knative-prow-robot added the area/API API objects and controllers label Sep 22, 2019
@nak3
Do not create wildcard certs when autoTLS is disabled
46fd6c8 
Currently nscert tries to create wildcard certs even though
certmanager is not setup and certmanger is not setup. Due to that, we
always get cert creation error whenever creating a new namespace.

To fix it, this patch changes to stop creating wildcard certs when
autoTLS is disabled.
@nak3 nak3 changed the title Currently nscert tries to create wildcard certs even though Do not create wildcard certs when autoTLS is disabled Sep 22, 2019
@knative-prow-robot knative-prow-robot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Sep 22, 2019
@knative-metrics-robot
Copy link

The following is the coverage report on pkg/.
Say /test pull-knative-serving-go-coverage to re-run this coverage report

File Old Coverage New Coverage Delta
pkg/reconciler/nscert/nscert.go 84.9% 82.9% -2.0

@knative-test-reporter-robot
Copy link

The following jobs failed:

Test name Triggers Retries
pull-knative-serving-unit-tests 0/3

Failed non-flaky tests preventing automatic retry of pull-knative-serving-unit-tests:

pkg/activator/handler.TestActivationHandler
pkg/activator/handler.TestActivationHandler/active_endpoint

@markusthoemmes
Copy link
Contributor

/test pull-knative-serving-unit-tests

markusthoemmes
markusthoemmes approved these changes Sep 23, 2019
View reviewed changes
Copy link
Contributor

@markusthoemmes markusthoemmes left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The code makes sense to me. Not qualified to LGTM though.

/assign @ZhiminXiang

@knative-prow-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: markusthoemmes, nak3

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@knative-prow-robot knative-prow-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Sep 23, 2019
@ZhiminXiang
Copy link

/lgtm

@knative-prow-robot knative-prow-robot added the lgtm Indicates that a PR is ready to be merged. label Sep 23, 2019
@nak3
Copy link
Contributor Author

nak3 commented Sep 23, 2019

/test pull-knative-serving-unit-tests

@knative-prow-robot knative-prow-robot merged commit 94bab98 into knative:master Sep 24, 2019
@nak3 nak3 deleted the autotls-nscert branch September 24, 2019 00:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@knative-prow-robot knative-prow-robot knative-prow-robot left review comments

@markusthoemmes markusthoemmes markusthoemmes approved these changes

@ZhiminXiang ZhiminXiang Awaiting requested review from ZhiminXiang

@tcnghia tcnghia Awaiting requested review from tcnghia

Assignees

@ZhiminXiang ZhiminXiang

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/API API objects and controllers cla: yes Indicates the PR's author has signed the CLA. lgtm Indicates that a PR is ready to be merged. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

nscert tries to create wildcard certs even though certmanger is not setup and autoTLS is disabled
7 participants
@nak3 @knative-prow-robot @knative-metrics-robot @knative-test-reporter-robot @markusthoemmes @ZhiminXiang @googlebot