-
Notifications
You must be signed in to change notification settings - Fork 590
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add flag to skip CA certificates #2341
Conversation
Manual testing since this a flag that doesn't really work well with our normal test environment (basically all disable X flags are like this):
Oh no! That's not what we wanted at all! A caveat about this is that it's making the controller blind to certificates, so if you'd already created one it'll sit around in the DB. Flipping tthe flag will not remove existing certificates, but they won't come back if you delete and restart to force a fresh sync:
|
Blocked on the release of decK providing this feature. |
What this PR does / why we need it:
This adds a flag to control the deck behavior added in Kong/deck#617
Special notes for your reviewer:
At present, deck doesn't provide an option to skip these in file parsing (i.e. generating the target config), so it and this draft strip the certificates out after the fact. We should add an option to thechore(file) refactor target config cert omission deck#622 changes this and the draft has been updated to remove the duplicated logic.file.RenderConfig
to handle this instead so that the controller doesn't duplicate logic.PR Readiness Checklist:
Complete these before marking the PR as
ready to review
:CHANGELOG.md
release notes have been updated to reflect any significant (and particularly user-facing) changes introduced by this PR