kubectl-status icon indicating copy to clipboard operation
kubectl-status copied to clipboard

Published 20 hours ago verified publisher icon bergerx

verify that ingress.spec.tls.secretName exists

Open bergerx opened this issue 3 years ago • 0 comments

In some cases, the certificate for ingress may be missing and it fallbacks to the default certificate.

It would be good if we can catch these cases:

  • ingress should have a .spec.tls, or its TLS will be up to default ingress config
  • the .spec.tls[*].hosts fields exist without a secretName next to it, this will use the default ingress cert
  • the secret exists
  • the secret is type: kubernetes.io/tls
  • the secret has the right keys (tls.crt and tls.key): https://kubernetes.io/docs/concepts/services-networking/ingress/#tls

I pushed some stretch goals into https://github.com/bergerx/kubectl-status/issues/200

bergerx avatar Oct 18 '21 15:10 bergerx