argo-workflows
argo-workflows copied to clipboard
fix: Allow TLS secret configuration to be specified on the command line. Fixes #5582
Fixes #5582
Additionally, secrets (particularly those from cert-manager) contain a ca.crt
which is now added to the certificate trusts, meaning that the issue in #7632 should also be fixed properly, allowing privately signed certificates to be used by argo server.
I tested these changes by running argo server
locally and confirming that when ca.crt
is added to the TLSConfig as a trusted cert, the grpc-gateway endpoint /api/v1/info
returns a valid response. The UI appears functional, etc.
feat: adding support for getting tls certificates from kubernetes secret (e.g. (#7621)
@ChaosInTheCRD could you please take a look at this?
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Can I propose we have a small PR with the fix for the flag, which we know we can merge, and then a second PR to discussed the complex bit?
Are we going to create a separate PR as @alexec suggested? Otherwise, I suggest in the worst case that the PR should be merged.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
@ChaosInTheCRD did you want to open a separate PR to fix the parameter?
@lnattrass @alexec Is it available with new argo-workflow 3.3.0 ?
No. It is not merged.
Hey folks, I have had a change in circumstances and have lost the time to properly merge this change. Sorry about that.
opened a PR to add the flag. I have not tested though
@alexec @lnattrass Do you when we are planning on merging this change ?
I think this PR needs a new owner.
@alexec As someone said earlier external cert support is there in the code, I was hoping it was just needs to be exposed.