Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Restart pods on certificate renewal #1165

Merged
merged 3 commits into from
Sep 12, 2024
Merged

Restart pods on certificate renewal #1165

merged 3 commits into from
Sep 12, 2024

Conversation

bdunne
Copy link
Member

@bdunne bdunne commented Sep 12, 2024

  • Refactor labeling methods
  • Ensure pods are restarted when certificates are renewed
  • Watch for changes to the cr.Spec.InternalCertificatesSecret secrets

CP4AIOPS-5110

@bdunne
Track SSL certificate resource version
fd59735 
Ensure that pods are restarted to pick up newe certificates when they are
updated.

CP4AIOPS-5110
@bdunne
We also need to watch certain secrets that we don't own for changes.
2679808 
In this case we need to set the resourceVersion of the secret containing
the SSL certs on the pods that use them, but we don't "own" it, so changes
to it weren't triggering a reconcile.  We don't want to "own" this
secret because it would get garbage collected if our CR disappeared
(we don't want that to happen).  So, we can watch all secrets and trigger
a reconcile on any manageiqs that have it as the value of Spec.InternalCertificatesSecret

CP4AIOPS-5110
@bdunne bdunne changed the title [wip] Restart pods on certificate renewal Restart pods on certificate renewal Sep 12, 2024
@Fryguy Fryguy merged commit 7698877 into ManageIQ:master Sep 12, 2024
2 checks passed
@bdunne bdunne deleted the restart_pods_on_new_certs branch September 12, 2024 17:39
@Fryguy
Copy link
Member

Fryguy commented Sep 12, 2024

Backported to radjabov in commit 9ae96e8.

commit 9ae96e8fe63b581a25100d7276cfd11a3882d642
Author: Jason Frey <[email protected]>
Date:   Thu Sep 12 13:33:04 2024 -0400

    Merge pull request #1165 from bdunne/restart_pods_on_new_certs
    
    Restart pods on certificate renewal
    
    (cherry picked from commit 7698877363c1473a6da177ff8dafdb864f4dc6b5)

Fryguy added a commit that referenced this pull request Sep 12, 2024
@Fryguy
Merge pull request #1165 from bdunne/restart_pods_on_new_certs
9ae96e8 
Restart pods on certificate renewal

(cherry picked from commit 7698877)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Fryguy Fryguy Fryguy approved these changes

Assignees

@Fryguy Fryguy

Labels
enhancement radjabov/backported
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@bdunne @Fryguy