Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[v0.10] Skip cabundle secrets when Gitrepo does not include GitRepo's .Spec.CABundle #2922

Closed
weyfonk opened this issue Oct 1, 2024 · 2 comments
Closed

[v0.10] Skip cabundle secrets when Gitrepo does not include GitRepo's .Spec.CABundle #2922

weyfonk opened this issue Oct 1, 2024 · 2 comments
Assignees
@mmartin24
Labels
kind/bug
Milestone
v2.9.3

Comments

@weyfonk
Copy link
Contributor

weyfonk commented Oct 1, 2024

Backport of #2904 to v0.10.
@weyfonk weyfonk self-assigned this Oct 1, 2024
@rancherbot rancherbot added this to Fleet Oct 1, 2024
@github-project-automation github-project-automation bot moved this to 🆕 New in Fleet Oct 1, 2024
@weyfonk weyfonk added this to the v2.9.3 milestone Oct 1, 2024
@weyfonk weyfonk moved this from 🆕 New to 🏗 In progress in Fleet Oct 1, 2024
@weyfonk weyfonk mentioned this issue Oct 1, 2024
Merged
@weyfonk weyfonk moved this from 🏗 In progress to Needs QA review in Fleet Oct 1, 2024
@weyfonk weyfonk moved this from Needs QA review to 👀 In review in Fleet Oct 1, 2024
@weyfonk
Copy link
Contributor Author

weyfonk commented Oct 1, 2024

Additional QA

Problem

Each git job would be created with a *-cabundle secret for the GitRepo, even when that GitRepo did not specify any .Spec.CABundle field.

Solution

Only create that secret when a non-empty .Spec.CABundle field exists.

Testing

Engineering Testing

Manual Testing

None.

Automated Testing

Updated integration tests to verify that a CA bundle secret is only created when the GitRepo has a non-empty .Spec.CABundle field.

QA Testing Considerations

This should be tested following the reproduction steps above.

Regressions Considerations

N/A

@weyfonk weyfonk moved this from 👀 In review to Needs QA review in Fleet Oct 1, 2024
@weyfonk weyfonk removed their assignment Oct 1, 2024
@mmartin24 mmartin24 self-assigned this Oct 3, 2024
@mmartin24
Copy link
Collaborator

Verified in Rancher v2.9-9877ad6f8a6805de6314d739b7023a4a075f525a-head with Fleet 104.1.0+up0.10.4-rc.1

  • Checked manually cabundle is not created with normal gitrepo. See difference before / after in screenshot:

2024-10-03_17-58

  • Checked automatically cabundle secret is created through already in-place automation here.

Note: I will add automation also for the first original case.

@github-project-automation github-project-automation bot moved this from Needs QA review to ✅ Done in Fleet Oct 3, 2024
@mmartin24 mmartin24 mentioned this issue Oct 8, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mmartin24 mmartin24

Labels
kind/bug
Projects
Fleet
Archived in project
Milestone
v2.9.3
Development

No branches or pull requests
3 participants
@weyfonk @sbulage @mmartin24