trust-manager icon indicating copy to clipboard operation
trust-manager copied to clipboard

Published 20 hours ago verified publisher icon cert-manager

Add a design for public trust bundles

Open SgtCoDFish opened this issue 2 years ago • 3 comments

This proposal introduces a design by which bundles are stored in sidecar containers and consumed from a shared path by the controller container.

SgtCoDFish avatar Jul 27 '22 15:07 SgtCoDFish

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: SgtCoDFish

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment Approvers can cancel approval by writing /approve cancel in a comment

jetstack-bot avatar Jul 27 '22 15:07 jetstack-bot

/test pull-cert-manager-trust-verify

I've updated the guide with proposed workflows for both static and dynamic bundles :+1:

SgtCoDFish avatar Aug 02 '22 09:08 SgtCoDFish

I've raised #46 as a very rough proof-of-concept for this!

SgtCoDFish avatar Aug 02 '22 17:08 SgtCoDFish

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: SgtCoDFish

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment Approvers can cancel approval by writing /approve cancel in a comment

jetstack-bot avatar Dec 13 '22 15:12 jetstack-bot

Pushed an updated version of the design which more closely matches the version as implemented currently in #46

Attempts to laser-focus on the problem which I'd expect most users to want to solve, which is to add a single public trust 'package' and to easily refer to it in Bundle resources.

SgtCoDFish avatar Dec 13 '22 15:12 SgtCoDFish

/override pull-trust-manager-verify

Obviously flaking given none of the tests are changed in this PR!

SgtCoDFish avatar Dec 15 '22 16:12 SgtCoDFish

@SgtCoDFish: Overrode contexts on behalf of SgtCoDFish: pull-trust-manager-verify

In response to this:

/override pull-trust-manager-verify

Obviously flaking given none of the tests are changed in this PR!

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

jetstack-bot avatar Dec 15 '22 16:12 jetstack-bot

/override pull-trust-manager-verify

SgtCoDFish avatar Jan 12 '23 17:01 SgtCoDFish

@SgtCoDFish: Overrode contexts on behalf of SgtCoDFish: pull-trust-manager-verify

In response to this:

/override pull-trust-manager-verify

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

jetstack-bot avatar Jan 12 '23 17:01 jetstack-bot

I didn't realise this was still open!

We've now merged the actual feature, so there's no real reason to have this remain open. As such, I'll manually add an LGTM label so this merges.

SgtCoDFish avatar Mar 24 '23 14:03 SgtCoDFish

/override pull-trust-manager-verify /override pull-trust-manager-smoke

(obviously not ideal that these failed, but also obviously not related to this PR)

SgtCoDFish avatar Mar 24 '23 14:03 SgtCoDFish

@SgtCoDFish: Overrode contexts on behalf of SgtCoDFish: pull-trust-manager-smoke, pull-trust-manager-verify

In response to this:

/override pull-trust-manager-verify /override pull-trust-manager-smoke

(obviously not ideal that these failed, but also obviously not related to this PR)

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

jetstack-bot avatar Mar 24 '23 14:03 jetstack-bot