cert-manager
cert-manager copied to clipboard
cert-manager
fix: refactor challenge controller to be entirely non blocking
Pull Request Motivation
- The challenge controller now will only ever perform a single step at a time, updating the state on the Challenge and re-reconciling.
- New status fields on the challenge are used to store data for polling, allowing us to refactor out blocking calls.
- Solvers now return state that is persisted on the Challenge instead of blocking
- The ACME fork now has a non blocking CheckAuthorization which we use instead of the blocking WaitAuthorization
This PR is an extension of #7804, it is a larger refactor that removes all blocking.
Kind
/kind fix
Release Note
Refactor the challenge controller to no longer call the blocking method WaitAuthorization, removing the need for a timeout which can fail challenges prematurely.
Refactor the solver checks to be non blocking, instead persisting state on the challenge object.
@ThatsMrTalbot: The label(s) kind/fix cannot be applied, because the repository doesn't have them.
In response to this:
Pull Request Motivation
- The challenge controller now will only ever perform a single step at a time, updating the state on the Challenge and re-reconciling.
- New status fields on the challenge are used to store data for polling, allowing us to refactor out blocking calls.
- Solvers now return state that is persisted on the Challenge instead of blocking
- The ACME fork now has a non blocking CheckAuthorization which we use instead of the blocking WaitAuthorization
This PR is an extension of #7804, it is a larger refactor that removes all blocking.
Kind
/kind fix
Release Note
Refactor the challenge controller to no longer call the blocking method WaitAuthorization, removing the need for a timeout which can fail challenges prematurely. Refactor the solver checks to be non blocking, instead persisting state on the challenge object.
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.
![cert-manager-prow[bot] avatar](https://avatars.githubusercontent.com/in/877404?v=4 "Published by a pub.dev verified publisher"){kind=small}
[APPROVALNOTIFIER] This PR is NOT APPROVED
This pull-request has been approved by: Once this PR has been reviewed and has the lgtm label, please assign sgtcodfish for approval. For more information see the Code Review Process.
The full list of commands accepted by this bot can be found here.
Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment
@ThatsMrTalbot: The label(s) kind/feat cannot be applied, because the repository doesn't have them.
In response to this:
/kind feat
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.
@mladen-rusev-cyberark: The label(s) /label cybr cannot be applied. These labels are supported: tide/merge-method-merge, tide/merge-method-rebase, tide/merge-method-squash. Is this label configured under labels -> additional_labels or labels -> restricted_labels in plugin.yaml?
In response to this:
/label cybr
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.
PR needs rebase.
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.