Comments (15)
ritazh
commented on May 29, 2024
3
Sorry for the delay.
First release 🎉
https://github.com/open-policy-agent/cert-controller/releases/tag/v0.1.0
from cert-controller.
maxsmythe
commented on May 29, 2024
1
Not sure I like the idea of mixing the two. Users who do use the standard flag parser may accidentally also set the config option, which would negate the config.
How do people feel about...
- Starting tagging commits with semver so that we can track non-backwards-compatible changes
- Removing the flag and implementing a config option, incrementing this semver
Projects using this would then be able to just implement their flag individually should they want to keep it.
I'm not sure how many consumers of this project there are, but hopefully the semver stuff will give them enough warning to avoid surprise.
from cert-controller.
ritazh
commented on May 29, 2024
1
Since we don't have CI to automate releases yet until #14 is done, I could manually create/push a tag with the latest commit in master. This should also help unblock #18 WDYT @maxsmythe?
from cert-controller.
adrianludwin
commented on May 29, 2024
What happens if we give the option to set this option when you're starting up the rotator? That way, if you never call flag.Parse(), you get to pick what you want the value to be. But if you do call flag.Parse() and don't pass in the override, then we'll maintain the current behaviour. What do you think?
from cert-controller.
stijndehaes
commented on May 29, 2024
@adrianludwin that would be fine for me.
So we add the option to the CertRotator struct and in the AddRotator call we do something like:
func AddRotator(mgr manager.Manager, cr *CertRotator) error {
restartOnSecretRefresh = restartOnSecretRefresh || cr.restartOnSecretRefresh
...
}
I can make a PR for this :)
from cert-controller.
adrianludwin
commented on May 29, 2024
Yup that lgtm (looks good to me)! Note that I'm not an owner of this project but I suspect that @maxsmythe , @ritazh etc would be happy with this as well.
from cert-controller.
adrianludwin
commented on May 29, 2024
+100 to semver. I kind of liked "batteries included" but I guess that does
make it a bit worse as a library, so I could live with that!
…On Thu, Jan 14, 2021 at 4:27 PM Max Smythe ***@***.***> wrote:
Not sure I like the idea of mixing the two. Users who do use the standard
flag parser may accidentally also set the config option, which would negate
the config.
How do people feel about...
1. Starting tagging commits with semver so that we can track
non-backwards-compatible changes
2. Removing the flag and implementing a config option, incrementing
this semver
Projects using this would then be able to just implement their flag
individually should they want to keep it.
I'm not sure how many consumers of this project there are, but hopefully
the semver stuff will give them enough warning to avoid surprise.
@ritazh <https://github.com/ritazh> @shomron <https://github.com/shomron>
thoughts?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#19 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AE43PZDV4PXMZ4LR7I6S66LSZ5OVRANCNFSM4WAQGP3Q>
.
from cert-controller.
maxsmythe
commented on May 29, 2024
Yeah, working with some of these other libraries that use flags... the batteries included approach works great until you need to change the shape of the batteries :p
from cert-controller.
adrianludwin
commented on May 29, 2024
sgtm
…On Thu, Jan 14, 2021 at 8:45 PM Max Smythe ***@***.***> wrote:
Yeah, working with some of these other libraries that use flags... the
batteries included approach works great until you need to change the shape
of the batteries :p
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#19 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AE43PZAC6MGS7RD4V47BCUDSZ6M2FANCNFSM4WAQGP3Q>
.
from cert-controller.
stijndehaes
commented on May 29, 2024
I would be all for doing semver and making this a breaking change in a major release or something similar :)
from cert-controller.
ritazh
commented on May 29, 2024
+1 on semver and start cutting releases for this project. It would make introducing breaking changes much easier.
from cert-controller.
adrianludwin
commented on May 29, 2024
@ritazh , @maxsmythe - what do we need to do to make this happen? I'm not an admin on this repo so I can't create a release myself. Can we just call what we currently have "v0.1.0" and then start working towards v0.2.0?
from cert-controller.
maxsmythe
commented on May 29, 2024
SGTM
from cert-controller.
stijndehaes
commented on May 29, 2024
I made a PR for making this option part of the CertRotator struct: #23
from cert-controller.
maxsmythe
commented on May 29, 2024
Thanks!
from cert-controller.
Related Issues (20)
- Failed to wait for cert-rotator caches to sync in non-leader elected instances HOT 2
- Use "Get" by secret resourcename than "Watch" on all secrets. HOT 1
- Document the certificate generation and rotation execution flow
- Allow supporting both the new and old key in the webhook configs during key rotation
- Use 1 secret per webhook pod to store the public/private key pairs
- Allow for coordinated rotation of keys across multiple pods
- Add config options to control validity duration for generated certs
- What should the default cert validity duration be? HOT 1
- Need tag v0.2.0 for controller-runtime v0.7.0+ with go.mod HOT 1
- Delay when the certs are mounted and available for use HOT 8
- Create a new release that supports K8s 1.22+ HOT 4
- The webhook not start because of certFile check when deploy g8r out of cluster HOT 4
- rotator.AddRotator doesn't exit when the process is terminated HOT 1
- Recommended way to configure/run in multi-replica setting HOT 2
- Configure certificate validity duration
- Question on usefulness of RestartOnSecretRefresh
- Downtime after a caBundle until Secret propagation to pod HOT 12
- Support multiple dnsNames HOT 4
- Ready channel is never signaled on non-leaders HOT 3
- Add support for the Gatekeeper External Data Provider HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cert-controller.