Add reconciler logic for DomainMapping AutoTLS#10467
Add reconciler logic for DomainMapping AutoTLS#10467knative-prow-robot merged 11 commits intoknative:masterfrom
Conversation
knative-prow-robot
added
the
do-not-merge/work-in-progress
|
Skipping CI for Draft Pull Request. |
knative-prow-robot
added
the
size/L
knative-prow-robot
added
area/API
tcnghia
force-pushed
the
dm-tls-controller
branch
from
1cc4246 to
5059cc8
Compare
Codecov Report
@@ Coverage Diff @@
## master #10467 +/- ##
==========================================
+ Coverage 88.02% 88.07% +0.05%
==========================================
Files 187 187
Lines 8808 8849 +41
==========================================
+ Hits 7753 7794 +41
- Misses 814 816 +2
+ Partials 241 239 -2
Continue to review full report at Codecov.
|
tcnghia
force-pushed
the
dm-tls-controller
branch
2 times, most recently
from
2af2bd4 to
1508951
Compare
knative-prow-robot
added
size/XL
tcnghia
force-pushed
the
dm-tls-controller
branch
from
1508951 to
114be33
Compare
tcnghia
force-pushed
the
dm-tls-controller
branch
from
114be33 to
c674cdf
Compare
knative-prow-robot
removed
the
do-not-merge/work-in-progress
|
/test pull-knative-serving-istio-stable-no-mesh-tls |
1 similar comment
|
/test pull-knative-serving-istio-stable-no-mesh-tls |
| annotationValue := dm.Annotations[networking.DisableAutoTLSAnnotationKey] | ||
| disabledByAnnotation, err := strconv.ParseBool(annotationValue) | ||
| if annotationValue != "" && err != nil { | ||
| // validation should've caught an invalid value here. | ||
| // if we have one anyways, assume not disabled and log a warning. | ||
| logger.Warnf("Invalid annotation value for %q. Value: %q", | ||
| networking.DisableAutoTLSAnnotationKey, annotationValue) |
There was a problem hiding this comment.
this looks like a method on DM itself?
There was a problem hiding this comment.
Sure, I'll follow up.
| // Check that our Reconciler implements CertificateAccessor | ||
| var _ networkaccessor.CertificateAccessor = (*Reconciler)(nil) | ||
|
|
||
| // GetNetworkingClient implements networking.CertificateAccessor |
There was a problem hiding this comment.
There was a problem hiding this comment.
I don't see a call to GetNetworkingClient there.
There was a problem hiding this comment.
Hm, it's passed down... not sure we should do pass reconciler down. Rather we should pass down the networking client.
There was a problem hiding this comment.
I can follow up with a change to fix route and domainmapping reconciler both.
| return r.netclient | ||
| } | ||
|
|
||
| // GetCertificateLister implements networking.CertificateAccessor |
There was a problem hiding this comment.
|
/assign @vagababov @YoussB |
|
/assign @julz |
Co-authored-by: Julian Friedman <julz.friedman@uk.ibm.com>
|
/test pull-knative-serving-istio-stable-no-mesh |
|
/hold |
knative-prow-robot
added
the
do-not-merge/hold
|
/unhold @julz @vagababov I've addressed most of your feedbacks, except for a few that I will follow up. |
knative-prow-robot
removed
the
do-not-merge/hold
julz
left a comment
julz
left a comment
There was a problem hiding this comment.
/lgtm
/hold so @vagababov can have a look and in case you want to do the little suggested refactor (but Im fine if you prefer this way or want to do it separately).
knative-prow-robot
added
do-not-merge/hold
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: julz, tcnghia The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
tcnghia
force-pushed
the
dm-tls-controller
branch
from
265eab7 to
6220801
Compare
Co-authored-by: Victor Agababov <vagababov@gmail.com>
|
/lgtm |
knative-prow-robot
added
lgtm
| domainmappingreconciler "knative.dev/serving/pkg/client/injection/reconciler/serving/v1alpha1/domainmapping" | ||
| "knative.dev/serving/pkg/reconciler/domainmapping/config" | ||
| "knative.dev/serving/pkg/reconciler/domainmapping/resources" | ||
| routeresources "knative.dev/serving/pkg/reconciler/route/resources" |
There was a problem hiding this comment.
Can we move this somewhere common?
There was a problem hiding this comment.
I'll follow up with that as well.
There was a problem hiding this comment.
Got an issue with a DomainMapping:
party knative.party Unknown NewObservedGenFailure
Looking at the logs of the kcert:
Warning InternalError 3m23s (x17 over 8m51s) certificate-controller Service "knative.party" is invalid: metadata.name: Invalid value: "knative.party": a DNS-1035 label must consist of lower case alphanumeric characters or '-', start with an alphabetic character, and end with an alphanumeric character (e.g. 'my-name', or 'abc-123', regex used for validation is '[a-z]([-a-z0-9]*[a-z0-9])?')```
There was a problem hiding this comment.
I believe you need to update net-http01, let's discuss in slack
7 participants
Part of #10247
Proposed Changes
Release Note