Skip to content

networking/configuring-a-custom-pki: Link back to builds trusted-CA config #22009

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wking wants to merge 1 commit into from
Closed

networking/configuring-a-custom-pki: Link back to builds trusted-CA config #22009

wking wants to merge 1 commit into from

Conversation

@wking
Copy link
Member

@wking wking commented May 12, 2020

Reciprocating the builds -> proxy link from 1fdd604 (#18207), so folks who think "I need to add X.509 trust" and land on the "custom PKI" section can see "oh, I'm not using a proxy, I guess I should configure the build tooling directly..." and head over. Also, we're likely to have a number of additional cluster components that have their own custom CA injection mechanisms, and this new section gives us a convenient list we can extend.

@wking
networking/configuring-a-custom-pki: Link back to builds trusted-CA c…
e837645 
…onfig

Reciprocating the builds -> proxy link from 1fdd604 (New assembly
for configuring custom pki, 2019-11-07, openshift#18207), so folks who think "I
need to add X.509 trust" and land on the "custom PKI" section can see
"oh, I'm not using a proxy, I guess I should configure the build
tooling directly..." and head over.  Also, we're likely to have a
number of additional cluster components that have their own custom CA
injection mechanisms, and this new section gives us a convenient list
we can extend.
kalexand-rh
kalexand-rh reviewed May 14, 2020
View reviewed changes
Copy link
Contributor

@kalexand-rh kalexand-rh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have a few suggestions.

networking/configuring-a-custom-pki.adoc

Cluster components may provide alternative mechanisms for configuring additional trust, for situations when a proxy is not needed:

* xref:../builds/setting-up-trusted-ca.adoc[Builds]
Copy link
Contributor

@kalexand-rh kalexand-rh May 14, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's better for the link to use the doc title: s/Builds/Setting up additional trusted certificate authorities for builds

networking/configuring-a-custom-pki.adoc
certificate and key pair used by the cluster component.
====

== Alternatives for additional trust
Copy link
Contributor

@kalexand-rh kalexand-rh May 14, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Consider removing the heading. When it's rendered, it looks out of place.

networking/configuring-a-custom-pki.adoc

== Alternatives for additional trust

Cluster components may provide alternative mechanisms for configuring additional trust, for situations when a proxy is not needed:
Copy link
Contributor

@kalexand-rh kalexand-rh May 14, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I might say "If you do not use a proxy, you can configure some cluster components to provide additional trust instead:"

@openshift-bot
Copy link

openshift-bot commented Oct 12, 2020

Issues go stale after 90d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle stale

@openshift-ci-robot openshift-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Oct 12, 2020
@openshift-bot
Copy link

openshift-bot commented Nov 11, 2020

Stale issues rot after 30d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle rotten
/remove-lifecycle stale

@openshift-ci-robot openshift-ci-robot added lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Nov 11, 2020
@openshift-bot
Copy link

openshift-bot commented Dec 11, 2020

Rotten issues close after 30d of inactivity.

Reopen the issue by commenting /reopen.
Mark the issue as fresh by commenting /remove-lifecycle rotten.
Exclude this issue from closing again by commenting /lifecycle frozen.

/close

@openshift-ci-robot
Copy link

openshift-ci-robot commented Dec 11, 2020

@openshift-bot: Closed this PR.

Details

In response to this:

Rotten issues close after 30d of inactivity.

Reopen the issue by commenting /reopen.
Mark the issue as fresh by commenting /remove-lifecycle rotten.
Exclude this issue from closing again by commenting /lifecycle frozen.

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kalexand-rh kalexand-rh kalexand-rh left review comments

Assignees

No one assigned

Labels

lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@wking @openshift-bot @openshift-ci-robot @kalexand-rh