Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add a check for the agent-tls-mode setting #416

Merged

Conversation

maxsokolovsky
Copy link
Contributor

@maxsokolovsky maxsokolovsky commented Jun 28, 2024

Issue: rancher/rancher#45589

Problem

The webhook needs to validate updates to the agent-tls-mode setting given the logic below.

Solution

If agent-tls-mode has default or value updated from system-store to strict, then all non-local clusters must
have a status condition AgentTlsStrictCheck set to True, unless the new setting has an overriding
annotation cattle.io/force=true.

CheckList

  • Test
  • Docs

@maxsokolovsky maxsokolovsky requested a review from a team as a code owner June 28, 2024 18:02
@MKlimuszka MKlimuszka requested a review from JonCrowther July 2, 2024 16:11
Copy link
Contributor

@JonCrowther JonCrowther left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Everything looks good, just one comment.

ericpromislow
ericpromislow previously approved these changes Jul 2, 2024
Copy link
Contributor

@ericpromislow ericpromislow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Verified everything passes with the GHA-based CI

@MKlimuszka MKlimuszka requested a review from JonCrowther July 3, 2024 22:07
ericpromislow
ericpromislow previously approved these changes Jul 3, 2024
Copy link
Contributor

@ericpromislow ericpromislow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

JonCrowther
JonCrowther previously approved these changes Jul 4, 2024
@maxsokolovsky maxsokolovsky dismissed stale reviews from JonCrowther and ericpromislow via 783a795 July 5, 2024 14:26
MbolotSuse
MbolotSuse previously approved these changes Jul 5, 2024
JonCrowther
JonCrowther previously approved these changes Jul 5, 2024
@maxsokolovsky maxsokolovsky requested a review from MbolotSuse July 5, 2024 15:01
Copy link
Contributor

@MbolotSuse MbolotSuse left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please squash when merging.

@maxsokolovsky maxsokolovsky merged commit 5fa648d into rancher:release/v0.5 Jul 5, 2024
2 checks passed
maxsokolovsky added a commit to maxsokolovsky/webhook that referenced this pull request Jul 8, 2024
maxsokolovsky added a commit that referenced this pull request Jul 9, 2024
* Add a check for the agent-tls-mode setting (#416)

* Keep importing a wrangler v2 package
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants