Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support k8s secrets in console pod #1800

Merged
merged 1 commit into from
Oct 10, 2023
Merged

Support k8s secrets in console pod #1800

merged 1 commit into from
Oct 10, 2023

Conversation

cniackz
Copy link
Contributor

@cniackz cniackz commented Oct 7, 2023
edited
Loading

To fix: #1439

Explanation:

In the certificate path we only look for public.crt and private.key to serve console in 9443. But in k8s we have other type of secrets with different file names like cert-manager secrets or k8s secrets, hence we should also support tls.crt and tls.key to allow people to use cert-manager or other methods not just our self-signed cert.

How to test:

  1. k proxy
  2. IntelliJ or other tool with this run/debug config:
Screenshot 2023-10-06 at 9 09 20 PM

How it looks:

$ pwd
/Users/cniackz/.console/certs
$ ls
CAs		tls.crt		tls.key
GOROOT=/usr/local/go #gosetup
GOPATH=/Users/cniackz/go #gosetup
/usr/local/go/bin/go build -trimpath -o /Users/cniackz/operator/go_build_github_com_minio_operator_cmd_operator . #gosetup
/Users/cniackz/operator/go_build_github_com_minio_operator_cmd_operator ui
Serving operator at http://[::]:9090
Serving operator at https://[::]:9443

Expected:

Serving operator at https://[::]:9443 <---- Meaning you are serving on HTTPS on that particular pod.

@cniackz cniackz requested a review from dvaldivia October 7, 2023 01:04
@cniackz cniackz self-assigned this Oct 7, 2023
@cniackz cniackz force-pushed the support-kubernetes-secrets branch from 2798870 to ec86505 Compare October 7, 2023 01:12
jiuker
jiuker approved these changes Oct 7, 2023
View reviewed changes
Copy link
Contributor

@jiuker jiuker left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@cniackz cniackz requested a review from cesnietor October 7, 2023 01:38
@cniackz cniackz merged commit d619113 into minio:master Oct 10, 2023
24 checks passed
@cniackz
Copy link
Contributor Author

cniackz commented Oct 10, 2023

Thank you guys!

@cniackz cniackz deleted the support-kubernetes-secrets branch October 10, 2023 15:33
@djwfyi djwfyi mentioned this pull request Oct 17, 2023
Closed
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jiuker jiuker jiuker approved these changes

@pjuarezd pjuarezd pjuarezd approved these changes

@dvaldivia dvaldivia Awaiting requested review from dvaldivia

@harshavardhana harshavardhana Awaiting requested review from harshavardhana

@allanrogerr allanrogerr Awaiting requested review from allanrogerr

@reivaj05 reivaj05 Awaiting requested review from reivaj05

@cesnietor cesnietor Awaiting requested review from cesnietor

Assignees

@cniackz cniackz

Labels
community new feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Console TLS incompatible with cert-manager certificate
4 participants
@cniackz @pjuarezd @jiuker @bh4t