-
Notifications
You must be signed in to change notification settings - Fork 13
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Include Pod UID on CertificateRequest resources #28
base: main
Are you sure you want to change the base?
Conversation
This commit adds an additional label to the generated CertificateRequest resources that includes the UID of the Pod that initiated the request via the csi-driver implementation. The Pod UID is taken from the volume context in the same way that is used to created the owner references. Adding this label adds increased queryablility to see which pod generated which certificate request. Internally at Jetstack, we want a way to monitor unused certificates, so this label will help us in checking the specific pod. It could be that some third party tool adds additional owner references to the CertificateRequest resource, so this label (providing it isn't changed by another third party) will give insight into the specific pod making the request. Related to cert-manager/csi-driver#102 Signed-off-by: David Bond <[email protected]>
Hi @davidsbond. Thanks for your PR. I'm waiting for a cert-manager member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Thanks @davidsbond /lgtm /hold |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: davidsbond, JoshVanL The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/lgtm cancel @davidsbond, on second thoughts, could you please add an integration test for this? |
@davidsbond are you still interesting in getting this merged? Can you add a little test as Josh mentioned? |
This is a blast from the past. I'm not at Jetstack now and have no need for this personally. If it's still deemed worthwhile by maintainers I'm happy to look back at it and add that test. Otherwise I'm happy for this to be closed. |
This commit adds an additional label to the generated CertificateRequest
resources that includes the UID of the Pod that initiated the request via
the csi-driver implementation. The Pod UID is taken from the volume context
in the same way that is used to created the owner references.
Adding this label adds increased queryablility to see which pod generated
which certificate request. Internally at Jetstack, we want a way to monitor
unused certificates, so this label will help us in checking the specific pod.
It could be that some third party tool adds additional owner references to the
CertificateRequest resource, so this label (providing it isn't changed by another
third party) will give insight into the specific pod making the request.
Related to cert-manager/csi-driver#102
Signed-off-by: David Bond [email protected]