Skip to content

Bug 1720770: remove broken default serving cert setting#372

Merged
openshift-merge-robot merged 1 commit intoopenshift:masterfrom
deads2k:remove-dead
Jul 11, 2019
Merged

Bug 1720770: remove broken default serving cert setting#372
openshift-merge-robot merged 1 commit intoopenshift:masterfrom
deads2k:remove-dead

Conversation

@deads2k
Copy link
Copy Markdown
Contributor

@deads2k deads2k commented Jul 10, 2019

This setting is inherently dangerous because we rely on the default serving cert to have critical IPs included in valid names to allow the service network to continue to function. Customers should instead use the SNI capabilities we have to provide their certificates.

/assign @sttts @derekwaynecarr

@openshift-ci-robot
Copy link
Copy Markdown

openshift-ci-robot commented Jul 10, 2019

@deads2k: This pull request references a valid Bugzilla bug. The bug has been updated to refer to the pull request using the external bug tracker.

Details

In response to this:

Bug 1720770: remove broken default serving cert setting

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci-robot openshift-ci-robot added the bugzilla/valid-bug Indicates that a referenced Bugzilla bug is valid for the branch this PR is targeting. label Jul 10, 2019
@openshift-ci-robot openshift-ci-robot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Jul 10, 2019
@deads2k
Copy link
Copy Markdown
Contributor Author

deads2k commented Jul 10, 2019

/cherrypick release-4.1

@openshift-cherrypick-robot
Copy link
Copy Markdown

openshift-cherrypick-robot commented Jul 10, 2019

@deads2k: once the present PR merges, I will cherry-pick it on top of release-4.1 in a new PR and assign it to you.

Details

In response to this:

/cherrypick release-4.1

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci-robot openshift-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jul 10, 2019
@sttts
Copy link
Copy Markdown
Contributor

sttts commented Jul 11, 2019

/lgtm

@openshift-ci-robot openshift-ci-robot added the lgtm Indicates that a PR is ready to be merged. label Jul 11, 2019
@openshift-ci-robot
Copy link
Copy Markdown

openshift-ci-robot commented Jul 11, 2019

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: deads2k, sttts

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-merge-robot openshift-merge-robot merged commit 98d140e into openshift:master Jul 11, 2019
@openshift-cherrypick-robot openshift-cherrypick-robot mentioned this pull request Jul 11, 2019
Merged
@openshift-cherrypick-robot
Copy link
Copy Markdown

openshift-cherrypick-robot commented Jul 11, 2019

@deads2k: new pull request created: #375

Details

In response to this:

/cherrypick release-4.1

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@abhinavdahiya
Copy link
Copy Markdown
Contributor

abhinavdahiya commented Jul 12, 2019

What's our field deprecation process?

@ravisantoshgudimetla ravisantoshgudimetla mentioned this pull request Jul 15, 2019
Closed
@wking
Copy link
Copy Markdown
Member

wking commented Jul 31, 2019

Looks like you missed this reference. Where does the default come from now? Or, if there is no longer a default, do we want the docs to talk about what happens when a requested name is not matched?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@abhinavdahiya abhinavdahiya Awaiting requested review from abhinavdahiya

@adambkaplan adambkaplan Awaiting requested review from adambkaplan

Assignees

@sttts sttts

@derekwaynecarr derekwaynecarr

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. bugzilla/valid-bug Indicates that a referenced Bugzilla bug is valid for the branch this PR is targeting. lgtm Indicates that a PR is ready to be merged. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

8 participants

@deads2k @openshift-ci-robot @openshift-cherrypick-robot @sttts @abhinavdahiya @wking @derekwaynecarr @openshift-merge-robot