Skip to content

Commit 0b437e3

Browse files
zzzeekzzzeek
committed
add help for TLS secret update in kuttl/chainsaw
Originally I had updated the secrets here, however we want to sync up with what dciabrin merged in 1bb2318 so this reverts the secrets back to that merge.
1 parent 372c660 commit 0b437e3

File tree

4 files changed

+27
-1
lines changed

4 files changed

+27
-1
lines changed

config/samples/cert-manager-galera-cert.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -47,7 +47,7 @@ spec:
4747
secretTemplate:
4848
labels:
4949
mariadb-ref: openstack
50-
duration: 6h
50+
duration: 12720h
5151
renewBefore: 1h
5252
subject:
5353
organizations:

tests/chainsaw/common/tls-certificate.yaml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -68,6 +68,15 @@
6868
# group: cert-manager.io
6969
# kind: Issuer
7070
# ---
71+
#
72+
# STEPS TO RECREATE, WHEN CERT EXPIRES (errors in pod logs):
73+
#
74+
# 1. make sure cert-manager-operator is installed and running
75+
# 2. install galera-cert and dependencies:
76+
# oc apply -f config/samples/cert-manager-galera-cert.yaml
77+
# 3. copy secret/galera-tls data below, change ca.crt to tls-ca-bundle.pem
78+
# 4. add # notsecret suffix to the tls.key value
79+
#
7180
apiVersion: v1
7281
kind: Secret
7382
metadata:

tests/kuttl/tests/galera_cluster_restart/02-tls-certificate.yaml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,15 @@
3535
# group: cert-manager.io
3636
# kind: Issuer
3737
# ---
38+
#
39+
# STEPS TO RECREATE, WHEN CERT EXPIRES (errors in pod logs):
40+
#
41+
# 1. make sure cert-manager-operator is installed and running
42+
# 2. install galera-cert and dependencies:
43+
# oc apply -f config/samples/cert-manager-galera-cert.yaml
44+
# 3. copy secret/galera-tls data below, change ca.crt to tls-ca-bundle.pem
45+
# 4. add # notsecret suffix to the tls.key value
46+
#
3847
apiVersion: v1
3948
kind: Secret
4049
metadata:

tests/kuttl/tests/galera_deploy_tls/01-tls-certificate.yaml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,14 @@
3535
# group: cert-manager.io
3636
# kind: Issuer
3737
# ---
38+
# STEPS TO RECREATE, WHEN CERT EXPIRES (errors in pod logs):
39+
#
40+
# 1. make sure cert-manager-operator is installed and running
41+
# 2. install galera-cert and dependencies:
42+
# oc apply -f config/samples/cert-manager-galera-cert.yaml
43+
# 3. copy secret/galera-tls data below, change ca.crt to tls-ca-bundle.pem
44+
# 4. add # notsecret suffix to the tls.key value
45+
#
3846
apiVersion: v1
3947
kind: Secret
4048
metadata:

0 commit comments

Comments
 (0)