Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Include Pod UID on CertificateRequest resources #28

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

davidsbond
Copy link

This commit adds an additional label to the generated CertificateRequest
resources that includes the UID of the Pod that initiated the request via
the csi-driver implementation. The Pod UID is taken from the volume context
in the same way that is used to created the owner references.

Adding this label adds increased queryablility to see which pod generated
which certificate request. Internally at Jetstack, we want a way to monitor
unused certificates, so this label will help us in checking the specific pod.

It could be that some third party tool adds additional owner references to the
CertificateRequest resource, so this label (providing it isn't changed by another
third party) will give insight into the specific pod making the request.

Related to cert-manager/csi-driver#102

Signed-off-by: David Bond [email protected]

This commit adds an additional label to the generated CertificateRequest
resources that includes the UID of the Pod that initiated the request via
the csi-driver implementation. The Pod UID is taken from the volume context
in the same way that is used to created the owner references.

Adding this label adds increased queryablility to see which pod generated
which certificate request. Internally at Jetstack, we want a way to monitor
unused certificates, so this label will help us in checking the specific pod.

It could be that some third party tool adds additional owner references to the
CertificateRequest resource, so this label (providing it isn't changed by another
third party) will give insight into the specific pod making the request.

Related to cert-manager/csi-driver#102

Signed-off-by: David Bond <[email protected]>
@jetstack-bot jetstack-bot added dco-signoff: yes Indicates that all commits in the pull request have the valid DCO sign-off message. needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Jul 13, 2022
@jetstack-bot
Copy link
Contributor

Hi @davidsbond. Thanks for your PR.

I'm waiting for a cert-manager member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@jetstack-bot jetstack-bot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Jul 13, 2022
@davidsbond
Copy link
Author

/assign @JoshVanL
/assign @jakexks

@JoshVanL
Copy link
Contributor

Thanks @davidsbond

/lgtm
/approve
/ok-to-test

/hold
In case you have any objections @munnerz

@jetstack-bot jetstack-bot added ok-to-test do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. lgtm Indicates that a PR is ready to be merged. and removed needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Jul 13, 2022
@jetstack-bot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: davidsbond, JoshVanL

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@jetstack-bot jetstack-bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jul 13, 2022
@JoshVanL
Copy link
Contributor

/lgtm cancel

@davidsbond, on second thoughts, could you please add an integration test for this?

@jetstack-bot jetstack-bot removed the lgtm Indicates that a PR is ready to be merged. label Jul 15, 2022
@munnerz
Copy link
Member

munnerz commented Feb 13, 2024

@davidsbond are you still interesting in getting this merged? Can you add a little test as Josh mentioned?

@davidsbond
Copy link
Author

This is a blast from the past. I'm not at Jetstack now and have no need for this personally. If it's still deemed worthwhile by maintainers I'm happy to look back at it and add that test. Otherwise I'm happy for this to be closed.

@munnerz munnerz added good first issue Denotes an issue ready for a new contributor, according to the "help wanted" guidelines. help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. labels Mar 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. dco-signoff: yes Indicates that all commits in the pull request have the valid DCO sign-off message. do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. good first issue Denotes an issue ready for a new contributor, according to the "help wanted" guidelines. help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. ok-to-test size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants