Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Please allow different name than ca.crt when Deploying Che with support for Git repositories with self-signed certificates. #20037

Closed
6 of 20 tasks
rhopp opened this issue Jun 29, 2021 · 2 comments
Closed
6 of 20 tasks

Please allow different name than ca.crt when Deploying Che with support for Git repositories with self-signed certificates. #20037

rhopp opened this issue Jun 29, 2021 · 2 comments
Labels
area/install Issues related to installation, including offline/air gap and initial setup kind/bug Outline of a bug - must adhere to the bug report template. severity/P2 Has a minor but important impact to the usage or development of the system.
Milestone
7.33

Comments

@rhopp
Copy link
Contributor

rhopp commented Jun 29, 2021

Describe the bug

When trying to configure Che to work properly with on-prem gitlab instance (with support of factories etc.) and the gitlab instance has self signed certificate, user gets to the point, where he needs to add the self signed certificate into two configmaps. This alone is not ideal, but to make it worse, the certificate filename (and thus the configmap key) needs to be named ca.crt in one case, but can't be named ca.crt in second case, which is confusing.

Relevant parts of documentation describing this:

Che version

I suspect this is affecting all the versions since implementing this feature. I reproduced this using CRW 2.9 based on Che 7.30

Steps to reproduce

Follow https://www.eclipse.org/che/docs/che-7/administration-guide/configuring-authorization/#configuring-gitlab-oauth2_che including the two links in Additional resources

Expected behavior

I would prefer if there was just a single place, single source of truth, where users would define all the certificates would reside.

If this is not possible for some reason I think we should not enforce these conflicting naming patterns.

Runtime

  • kubernetes (include output of kubectl version)
  • Openshift (include output of oc version)
    • OCP 4.7 & OCP 3.11
  • minikube (include output of minikube version and kubectl version)
  • minishift (include output of minishift version and oc version)
  • docker-desktop + K8S (include output of docker version and kubectl version)
  • other: (please specify)

Installation method

  • chectl
    • crwctl 2.9
  • OperatorHub
  • I don't know

Environment

  • my computer
    • Windows
    • Linux
    • macOS
  • Cloud
    • Amazon
    • Azure
    • GCE
    • other (please specify)
      • Openstack
  • Dev Sandbox (workspaces.openshift.com)
  • other: please specify
@rhopp rhopp added the kind/bug Outline of a bug - must adhere to the bug report template. label Jun 29, 2021
@che-bot che-bot added the status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. label Jun 29, 2021
@tolusha
Copy link
Contributor

tolusha commented Jun 29, 2021

I think the easiest way to fix the issue is to update the doc https://www.eclipse.org/che/docs/che-7/installation-guide/deploying-che-with-support-for-git-repositories-with-self-signed-certificates/

--from-file=ca.crt=<path_to_certificate_file>

and remove requirements

the certificate file must be named ca.crt.

@tolusha tolusha added area/install Issues related to installation, including offline/air gap and initial setup sprint/next team/deploy labels Jun 29, 2021
@RomanNikitenko RomanNikitenko added severity/P2 Has a minor but important impact to the usage or development of the system. and removed status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. labels Jun 30, 2021
@tolusha tolusha mentioned this issue Jul 7, 2021
Closed
24 tasks
@tolusha tolusha added this to the 7.34 milestone Jul 8, 2021
@tolusha tolusha mentioned this issue Jul 9, 2021
Merged
6 tasks
@tolusha
Copy link
Contributor

tolusha commented Jul 13, 2021

The doc was updated.

@tolusha tolusha closed this as completed Jul 13, 2021
@tolusha tolusha modified the milestones: 7.34, 7.33 Jul 13, 2021
@tolusha tolusha mentioned this issue Jul 26, 2021
Closed
31 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/install Issues related to installation, including offline/air gap and initial setup kind/bug Outline of a bug - must adhere to the bug report template. severity/P2 Has a minor but important impact to the usage or development of the system.
Projects
None yet
Milestone
7.33
Development

No branches or pull requests
4 participants
@rhopp @tolusha @RomanNikitenko @che-bot