This repository has been archived by the owner on Sep 30, 2020. It is now read-only.
Allow option to disable certificates management #243
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
redbaron
force-pushed
the
disable-cert-management
branch
from
d8db46b to
217e95c
Compare
Current coverage is 68.54% (diff: 75.00%)@@ master #243 diff @@
==========================================
Files 4 4
Lines 1100 1103 +3
Methods 0 0
Messages 0 0
Branches 0 0
==========================================
+ Hits 753 756 +3
Misses 261 261
Partials 86 86
|
mumoshu
reviewed
Jan 13, 2017
| @@ -46,6 +46,11 @@ availabilityZone: {{.AvailabilityZone}} | |||
| # ARN of the KMS key used to encrypt TLS assets. | |||
| kmsKeyArn: "{{.KMSKeyARN}}" | |||
|
|
|||
| # If you do not want kube-aws to manage certificaes, set it to false. If you do that | |||
| # you are responsible for making sure that nodes have correct certificates by the time | |||
| # daemons start up. | |||
There was a problem hiding this comment.
An example (or a link to a doc explaining it) of how to feed certificates to nodes before daemons start up would be helpful. I'm not really sure how myself and so are others!
Also, a brief explanation of when this feature is intended to be used (a.k.a why "you do not want kube-aws to manage certificates" in the first place) would be good to add, too.
mumoshu
reviewed
Jan 13, 2017
| return nil, err | ||
| } | ||
| stackConfig.Config.TLSConfig = compactAssets | ||
| } |
There was a problem hiding this comment.
Could you add a test for this?
I believe TestReadOrCreateCompactTLSAssets would be an useful reference.
There was a problem hiding this comment.
Would you like to me add the tests instead?
There was a problem hiding this comment.
please adopt / modify any of my PRs if it can speedup merging them to master
|
@redbaron Thanks as always! I'm impressed to the amount of contribution you're doing these days 👍 |
camilb
added a commit
to camilb/kube-aws
that referenced
this pull request
Feb 28, 2017
* coreos/master: (132 commits) fix: Spot Fleet doesn't support the t2 instance family Fix node pools on master Allow option to disable certificates management (kubernetes-retired#243) Bump to k8s 1.5.2 Update README.md Update ROADMAP.md Update ROADMAP.md Update ROADMAP.md Update the inline documentation in cluster.yaml typo Don't fail sed if some files are missing Workaround systemd issues with oneshot autorestarts etcd static IP addressing overhaul Calico self hosted integration (kubernetes-retired#124) Fix lint. bugfix for a typo in install-kube-system scripts Update README.md fix(e2e): Correctly wait for a node pool stack for deletion Don't require key-name param during cluster init Propagate SSHAuthorizedKeys to nodepools ...
camilb
added a commit
to camilb/kube-aws
that referenced
this pull request
Apr 21, 2017
* coreos/master: (49 commits) fix: Spot Fleet doesn't support the t2 instance family Fix node pools on master Allow option to disable certificates management (kubernetes-retired#243) Bump to k8s 1.5.2 Update README.md Update ROADMAP.md Update ROADMAP.md Update ROADMAP.md Update the inline documentation in cluster.yaml typo Don't fail sed if some files are missing Workaround systemd issues with oneshot autorestarts etcd static IP addressing overhaul Calico self hosted integration (kubernetes-retired#124) Fix lint. bugfix for a typo in install-kube-system scripts Update README.md fix(e2e): Correctly wait for a node pool stack for deletion Don't require key-name param during cluster init Propagate SSHAuthorizedKeys to nodepools ...
kylehodgetts
pushed a commit
to HotelsDotCom/kube-aws
that referenced
this pull request
Mar 27, 2018
* Allow option to disable certificates management * Don't create KMS policies if we don't use them
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.