Uploaded image for project: 'Red Hat OpenShift Dev Spaces (formerly CodeReady Workspaces) '
  1. Red Hat OpenShift Dev Spaces (formerly CodeReady Workspaces)
  2. CRW-9491

[RN] Allow external TLS configuration for routes

XMLWordPrintable

    • 3
    • False
    • Hide

      None

      Show
      None
    • False
    • Release Notes
    • Hide
      = External TLS configuration now supported for routes

      You can now use external tools, such as `cert-manager`, to manage the TLS configuration for workspace routes. When this feature is enabled, the Dev Spaces operator does not revert any custom TLS settings that are applied to these resources.

      To enable this feature, configure the `externalTLSConfig` field in the `CheCluster` custom resource:

      [source,yaml]
      ----
      spec:
        devEnvironments:
          networking:
            externalTLSConfig:
              // Enabled determines whether external TLS configuration is used.
              // If set to true, the operator will not set TLS config for route objects.
              // Instead, it ensures that any custom TLS configuration will not be reverted on synchronization.
              enabled: <bool>
              // Labels to be applied to route objects when external TLS is enabled.
              labels: <map[string]string>
              // Annotations to be applied to route objects when external TLS is enabled.
              annotations: <map[string]string>
      ----
      Show
      = External TLS configuration now supported for routes You can now use external tools, such as `cert-manager`, to manage the TLS configuration for workspace routes. When this feature is enabled, the Dev Spaces operator does not revert any custom TLS settings that are applied to these resources. To enable this feature, configure the `externalTLSConfig` field in the `CheCluster` custom resource: [source,yaml] ---- spec:   devEnvironments:     networking:       externalTLSConfig:         // Enabled determines whether external TLS configuration is used.         // If set to true, the operator will not set TLS config for route objects.         // Instead, it ensures that any custom TLS configuration will not be reverted on synchronization.         enabled: <bool>         // Labels to be applied to route objects when external TLS is enabled.         labels: <map[string]string>         // Annotations to be applied to route objects when external TLS is enabled.         annotations: <map[string]string> ----
    • Enhancement
    • Done

      This feature enables external tools such as cert-manager to inject TLS configuration into workspace ingresses/routes. The following fields have been added to the CheCluster CR:
      spec:
      devEnvironments:
      networking:
      externalTLSConfig:
      // Enabled determines whether external TLS configuration is used.
      // If set to true, the operator will not set TLS config for ingress/route objects.
      // Instead, it ensures that any custom TLS configuration will not be reverted on synchronization.
      enabled: <bool>
      // Labels to be applied to ingress/route objects when external TLS is enabled.
      labels: <map[string]string>
      // Annotations to be applied to ingress/route objects when external TLS is enabled.
      annotations: <map[string]string>

              gtrivedi@redhat.com Gaurav Trivedi
              gtrivedi@redhat.com Gaurav Trivedi
              Valerii Svydenko Valerii Svydenko
              Gaurav Trivedi Gaurav Trivedi
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: