cert-utils-operator icon indicating copy to clipboard operation
cert-utils-operator copied to clipboard

Published 20 hours ago verified publisher icon redhat-cop

ability to inject ca_bundles from configmap

Open raffaelespazzoli opened this issue 4 years ago • 6 comments

ca_bundles are public info and there is a trend now make them available in configmaps rather than secrets. Cert-uitls should support injecting ca_bundles from configmaps. A single configmap to secret injector should suffice as all other injector support secret as source.

raffaelespazzoli avatar Dec 30 '20 14:12 raffaelespazzoli

This Fixes #41 also when closed.

raffaelespazzoli avatar Dec 30 '20 14:12 raffaelespazzoli

Going to review if this was completed as part of or #82

mathianasj avatar Apr 09 '21 12:04 mathianasj

@mathianasj can we close this?

raffaelespazzoli avatar Sep 29 '21 11:09 raffaelespazzoli

I will take a look today to make sure it is present

mathianasj avatar Sep 29 '21 11:09 mathianasj

Need this as well. The The Cluster Network Operator injects certificates across any namespace when an empty ConfigMap is created with the config.openshift.io/inject-trusted-cabundle=true label, but several components like the GitLab Runner Operator expect the ca-bundle within a secret.

Injecting the ca from the above configmap into the secret would be required.

QuingKhaos avatar Mar 24 '22 11:03 QuingKhaos

yes, like https://docs.openshift.com/container-platform/4.14/networking/configuring-a-custom-pki.html#certificate-injection-using-operators_configuring-a-custom-pki - just targeting secrets for the storage.

davidkarlsen avatar May 21 '24 23:05 davidkarlsen