8000 bootstrapper: add fallback endpoint and custom endpoint to apiserver certificate SAN field by malt3 · Pull Request #2108 · edgelesssys/constellation · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

bootstrapper: add fallback endpoint and custom endpoint to apiserver certificate SAN field #2108

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 21, 2023
Merged

bootstrapper: add fallback endpoint and custom endpoint to apiserver certificate SAN field #2108

merged 1 commit into from
Jul 21, 2023

Conversation

malt3
Copy link
Contributor
@malt3 malt3 commented Jul 17, 2023
edited by azure-boards bot
Loading

Context

This is part of the canonical endpoint RFC. We start adding the fallback endpoint and the custom endpoint to the apiserver certificate SAN field.
After this is rolled out, we can use the new endpoints.

Proposed change(s)

  • bootstrapper: add fallback endpoint to SAN field
  • bootstrapper: add custom endpoint to SAN field
  • cli: migrate old clusters by adding endpoints to SAN in ClusterConfiguration of running cluster

Checklist

  • Update docs
  • Add labels (e.g., for changelog category)
  • Is PR title adequate for changelog?
  • Link to Milestone

@netlify

This comment was marked as off-topic.

Sign in to view
@malt3 malt3 added no changelog Change won't be listed in release changelog feature This introduces new functionality and removed no changelog Change won't be listed in release changelog labels Jul 17, 2023
@malt3 malt3 added this to the v2.10.0 milestone Jul 17, 2023
@malt3 malt3 marked this pull request as ready for review July 17, 2023 09:47
derpsteb
derpsteb reviewed Jul 17, 2023
View reviewed changes
derpsteb
derpsteb reviewed Jul 17, 2023
View reviewed changes
derpsteb
derpsteb reviewed Jul 17, 2023
View reviewed changes
derpsteb
derpsteb approved these changes Jul 17, 2023
View reviewed changes
Copy link
Contributor
@derpsteb derpsteb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Doing another manual test run on all 3 CSPs. But code looks good to me :)

daniel-weisse
daniel-weisse reviewed Jul 18, 2023
View reviewed changes
3u13r
3u13r suggested changes Jul 19, 2023
View reviewed changes
cli/internal/kubernetes/upgrade.go
return fmt.Errorf("setting new kubeadm config: %w", err)
}

fmt.Fprintln(u.outWriter, "Successfully extended the cluster's apiserver SAN field")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This returns an unchecked error. This happens throughout this file. I think we should either handle this with "normal" error handling or have something like mustFprintln(...) or must(fmt.Fprintln(...)) so that we don't forget about the error.
Of course this can be handled in another PR.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll do a follow up PR

@malt3 malt3 requested a review from 3u13r July 20, 2023 13:13
3u13r
3u13r suggested changes Jul 20, 2023
View reviewed changes
@malt3 malt3 requested a review from 3u13r July 20, 2023 14:16
3u13r
3u13r suggested changes Jul 21, 2023
View reviewed changes
3u13r
3u13r approved these changes Jul 21, 2023
View reviewed changes
Copy link
Contributor
@3u13r 3u13r left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@malt3 malt3 force-pushed the feat/bootstrapper/add-fallback-endpoint-to-san-field branch from 8e4505c to dbf95ab Compare July 21, 2023 14:08
@malt3
terraform: collect apiserver cert SANs and support custom endpoint
cae6420 
constants: add new constants for cluster configuration and custom endpoint

cloud: support apiserver cert sans and prepare for endpoint migration on AWS

config: add customEndpoint field

bootstrapper: use per-CSP apiserver cert SANs

cli: route customEndpoint to terraform and add migration for apiserver cert SANs

bootstrapper: change interface of GetLoadBalancerEndpoint to return host and port separately
@malt3 malt3 force-pushed the feat/bootstrapper/add-fallback-endpoint-to-san-field branch from dbf95ab to cae6420 Compare July 21, 2023 14:22
@malt3 malt3 merged commit 8da6a23 into main Jul 21, 2023
@malt3 malt3 deleted the feat/bootstrapper/add-fallback-endpoint-to-san-field branch July 21, 2023 14:43
@elchead elchead changed the title bootstrapper: add fallback endpoint and custom endpoint to SAN field bootstrapper: add fallback endpoint and custom endpoint to apiserver certificate SAN field Aug 15, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@daniel-weisse daniel-weisse daniel-weisse approved these changes

@derpsteb derpsteb derpsteb approved these changes

@3u13r 3u13r 3u13r approved these changes

@katexochen katexochen Awaiting requested review from katexochen

Assignees
No one assigned
Labels
feature This introduces new functionality
Projects
None yet
Milestone
v2.10.0
Development

Successfully merging this pull request may close these issues.
4 participants
@malt3 @derpsteb @3u13r @daniel-weisse
0