Skip to content

Allow challenges for hosts that don't match the route's host #13637

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
knative-prow merged 1 commit into from
Jan 23, 2023
Merged

Allow challenges for hosts that don't match the route's host #13637

knative-prow merged 1 commit into from
Jan 23, 2023

Conversation

@dprotaso
Copy link
Member

@dprotaso dprotaso commented Jan 23, 2023
edited
Loading

This allows certificate plugins (ie. net-cert-manager) to deal
with domain names that are really long.

Part of knative-extensions/net-certmanager#214 (comment)

Was testing it via #13621

@dprotaso
Allow challenges for hosts that don't match the route's host
b4c6b6c 
This allows certificate plugins (ie. net-cert-manager) to deal
with domain names that are really long.
@knative-prow knative-prow bot added the area/API API objects and controllers label Jan 23, 2023
@knative-prow
Copy link

knative-prow bot commented Jan 23, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dprotaso

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@knative-prow knative-prow bot added area/networking approved Indicates a PR has been approved by an approver from all required OWNERS files. size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Jan 23, 2023
@codecov
Copy link

codecov bot commented Jan 23, 2023
edited
Loading

Codecov Report

Base: 86.17% // Head: 86.17% // Decreases project coverage by -0.01% ⚠️

Coverage data is based on head (b4c6b6c) compared to base (87f5b62).
Patch coverage: 88.23% of modified lines in pull request are covered.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main   #13637      +/-   ##
==========================================
- Coverage   86.17%   86.17%   -0.01%     
==========================================
  Files         197      197              
  Lines       14722    14727       +5     
==========================================
+ Hits        12687    12691       +4     
+ Misses       1734     1733       -1     
- Partials      301      303       +2
Impacted Files Coverage Δ
pkg/reconciler/route/resources/ingress.go 95.00% <85.71%> (-1.19%) ⬇️
pkg/reconciler/domainmapping/resources/ingress.go 100.00% <100.00%> (ø)
pkg/autoscaler/statserver/server.go 73.72% <0.00%> (-2.19%) ⬇️
pkg/reconciler/route/route.go 81.23% <0.00%> (+0.92%) ⬆️
pkg/autoscaler/scaling/multiscaler.go 88.59% <0.00%> (+1.34%) ⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report at Codecov.
📢 Do you have feedback about the report comment? Let us know in this issue.

KauzClay
KauzClay reviewed Jan 23, 2023
View reviewed changes
pkg/reconciler/route/resources/ingress.go
}

// MakeACMEIngressPaths returns a set of netv1alpha1.HTTPIngressPath
// that can be used to perform ACME challenges.
Copy link
Contributor

@KauzClay KauzClay Jan 23, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should there be a comment added here to explain the new return value?

Copy link
Member Author

@dprotaso dprotaso Jan 23, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What were you thinking?

Copy link
Contributor

@KauzClay KauzClay Jan 23, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess I was thinking something to explain what the extra domains are for. "Also returns hosts in the challenge that are not in domains". But I suppose that is just explaining the code at that point

Copy link
Member Author

@dprotaso dprotaso Jan 23, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"Also returns hosts in the challenge that are not in domains"

This function is actually all the route domains (not the HTTP01 challenge domains)

ie.
route-1.blah.example.com
route-1.blah.svc.cluster.local
route-1.blah.svc
route-1.blah

@KauzClay
Copy link
Contributor

KauzClay commented Jan 23, 2023

/lgtm

@knative-prow knative-prow bot added the lgtm Indicates that a PR is ready to be merged. label Jan 23, 2023
@knative-prow knative-prow bot merged commit 9004443 into knative:main Jan 23, 2023
@dprotaso dprotaso deleted the relax-http01-domain branch February 1, 2023 16:41
@linkvt linkvt mentioned this pull request Nov 24, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@andrew-su andrew-su Awaiting requested review from andrew-su

@nader-ziada nader-ziada Awaiting requested review from nader-ziada

1 more reviewer

@KauzClay KauzClay KauzClay left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@KauzClay KauzClay

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. area/API API objects and controllers area/networking lgtm Indicates that a PR is ready to be merged. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@dprotaso @KauzClay