-
Notifications
You must be signed in to change notification settings - Fork 498
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Separate TiDB client certificate can be used for each component #2403
Conversation
@@ -318,8 +318,8 @@ func (bm *backupManager) makeBackupJob(backup *v1alpha1.Backup) (*batchv1.Job, s | |||
if tc.Spec.TiDB.TLSClient != nil && tc.Spec.TiDB.TLSClient.Enabled && !tc.SkipTLSWhenConnectTiDB() { | |||
args = append(args, "--client-tls=true") | |||
clientSecretName := util.TiDBClientTLSSecretName(backup.Spec.BR.Cluster) | |||
if backup.Spec.From.TLSClient != nil && backup.Spec.From.TLSClient.TLSSecret != "" { | |||
clientSecretName = backup.Spec.From.TLSClient.TLSSecret | |||
if backup.Spec.From.TLSClientSecretName != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also check the length of *backup.Spec.From.TLSClientSecretName?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The same comment apply for the code in the other files.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No need to check it here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
/merge |
/run-all-tests |
@weekface merge failed. |
/run-e2e-tests |
/merge |
/run-all-tests |
/run-cherry-picker |
cherry pick to release-1.1 in PR #2450 |
What problem does this PR solve?
fixes: #2384
What is changed and how does it work?
Check List
Tests
Code changes
Side effects
Related changes
Does this PR introduce a user-facing change?:
ACTION_REQUIRED: Users should migrate the old TLS configs of Backup and Restore to the new configs.
TLS configs in old
Backup
:TLS configs in new
Backup
:TLS configs in old
Restore
:TLS configs in new
Restore
: