-
Notifications
You must be signed in to change notification settings - Fork 6
enable SSL for the SDK pod #285
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: main
Are you sure you want to change the base?
enable SSL for the SDK pod #285
Conversation
…ble-ssl-for-replicated-sdk-pod
docker push ttl.sh/${USER}/replicated-sdk:24h | ||
|
||
make -C chart build-ttl.sh | ||
dagger call test-chart --progress=plain |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the files this used to use were deleted with the move to dagger
} | ||
|
||
// loadTLSConfig loads TLS certificate and key from a Kubernetes secret | ||
func loadTLSConfig(clientset kubernetes.Interface, namespace, secretName string) (*tls.Config, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we do some certificate validation here? At least check the expiry?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Honestly I don't think so? Is it better to fallback to non-tls, or is it better to just keep serving the provided certificate?
What does this PR do?
This adds SSL support for the pod, and adds a bunch of dagger logging + a new dagger command
Does this PR introduce a user-facing change?