Skip to content
This repository was archived by the owner on Jul 11, 2023. It is now read-only.

Abstract webhook logic to prepare for rotating certificates #4833

Merged
merged 4 commits into from
Jun 30, 2022
Merged

Abstract webhook logic to prepare for rotating certificates #4833

merged 4 commits into from
Jun 30, 2022

Conversation

steeling
Copy link
Contributor

@steeling steeling commented Jun 20, 2022
edited
Loading

Abstract the webhook logic so that it shares a common base set of methods for creating the server.

This is in preparation to allow these webhook servers to rotate their certificates

There's a couple things this PR does:

  1. Leverage a single, underlying webhook server that starts up the appropriate server with TLS and an ability to rotate certificates.
  2. remove ports as flags as these were neither exposed through helm, and there was a bug where if a user did specify a different port via the flags, it wouldn't actually be plumbed through properly.
  3. Remove inconsistency with health checks across the 3 backend systems, by creating a simple healthcheck on the metrics port.
  4. Switch the TLS Config from a hard coded cert to a getter function, to allow for future rotation

Part of #4839

@steeling steeling force-pushed the feature/webhooks branch 11 times, most recently from 1e13975 to a829887 Compare June 22, 2022 01:01
nojnhuh
nojnhuh reviewed Jun 22, 2022
View reviewed changes
jaellio
jaellio reviewed Jun 23, 2022
View reviewed changes
keithmattix
keithmattix reviewed Jun 28, 2022
View reviewed changes
@steeling steeling force-pushed the feature/webhooks branch 4 times, most recently from 4ecaeed to 19b4ca4 Compare June 29, 2022 17:33
steeling added 3 commits June 29, 2022 16:03
@steeling
Abstract webhook logic to prepare for rotating certificates
c417101 
Signed-off-by: Sean Teeling <seanteeling@microsoft.com>
@steeling
properly create or update webhooks
cfa80ed 
Signed-off-by: Sean Teeling <seanteeling@microsoft.com>
@steeling
address comments
cab097e 
Signed-off-by: Sean Teeling <seanteeling@microsoft.com>
@steeling
fix cli probers
db9485c 
Signed-off-by: Sean Teeling <seanteeling@microsoft.com>
@steeling steeling merged commit c8d7559 into openservicemesh:main Jun 30, 2022
@steeling steeling deleted the feature/webhooks branch June 30, 2022 19:51
This was referenced Jul 27, 2022
Closed
Merged
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@shashankram shashankram Awaiting requested review from shashankram

@snehachhabria snehachhabria Awaiting requested review from snehachhabria

@draychev draychev Awaiting requested review from draychev

@trstringer trstringer Awaiting requested review from trstringer

3 more reviewers

@keithmattix keithmattix keithmattix left review comments

@nojnhuh nojnhuh nojnhuh approved these changes

@jaellio jaellio jaellio approved these changes

Reviewers whose approvals may not affect merge requirements
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@steeling @keithmattix @nojnhuh @jaellio