OCPBUGS-42434: Add the ability to auth via certs without storing them in etcd secret #323
Conversation
bryan-cox
force-pushed
the
aro-hcp-cert-auth
branch
from
4d47101 to
5eea873
Compare
|
/approve Already merged upstream so happy to have this backported |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: JoelSpeed The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
bot
added
the
approved
bryan-cox
force-pushed
the
aro-hcp-cert-auth
branch
from
5eea873 to
acee26a
Compare
|
/hold Let's wait for #320 to merge first. |
openshift-ci
bot
added
the
do-not-merge/hold
in etcd secret Signed-off-by: Bryan Cox <[email protected]>
bryan-cox
force-pushed
the
aro-hcp-cert-auth
branch
from
acee26a to
c12eb70
Compare
bryan-cox
changed the title
openshift-ci-robot
added
jira/severity-important
|
@bryan-cox: This pull request references Jira Issue OCPBUGS-42434, which is valid. 3 validation(s) were run on this bug
Requesting review from QA contact: The bug has been updated to refer to the pull request using the external bug tracker. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/test e2e-azure |
1 similar comment
|
/test e2e-azure |
|
/hold cancel |
openshift-ci
bot
removed
the
do-not-merge/hold
|
/label acknowledge-critical-fixes-only |
openshift-ci
bot
added
the
acknowledge-critical-fixes-only
|
@bryan-cox: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
|
@bryan-cox: Jira Issue OCPBUGS-42434: Some pull requests linked via external trackers have merged: The following pull requests linked via external trackers have not merged:
These pull request must merge or be unlinked from the Jira bug in order for it to move to the next state. Once unlinked, request a bug refresh with Jira Issue OCPBUGS-42434 has not been moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
[ART PR BUILD NOTIFIER] Distgit: ose-azure-cluster-api-controllers |
|
/cherry-pick release-4.17 |
|
@bryan-cox: new pull request created: #329 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
What this PR does / why we need it:
This is needed for ARO HCP.
Allows Service Principal with Certificate authentication to work with a path to the certificate rather than reading it from a k8s secret. This allows one to use the Secret Store CSI driver to mount a certificate from Azure Key Vault into a volume and pass that path to AzureClusterIdentity.