Uploaded image for project: 'OpenShift Etcd'
  1. OpenShift Etcd
  2. ETCD-574

Update TLS artifact descriptions according to registry requirements

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Done
    • Icon: Major Major
    • None
    • None
    • None
    • Strategic Product Work
    • 3
    • False
    • None
    • False
    • OCPSTRAT-1422 - [etcd] Automatic rotation of etcd signer certs when the cluster is still online
    • ETCD Sprint 251, ETCD Sprint 252, ETCD Sprint 256

      All openshift TLS artifacts (secrets and configmaps) now have a requirement to have an annotation for user facing descriptions per the metadata registry for TLS artifacts.
      https://github.com/openshift/origin/tree/master/tls

      There is a guideline for how these descriptions must be written:
      https://github.com/openshift/origin/blob/master/tls/descriptions/descriptions.md#how-to-meet-the-requirement

      The descriptions for the etcd's TLS artifacts don't meet that requirement and should be updated to point out the required details e.g hostnames, subjects and what kind of certificates the signer is signing.
      https://github.com/openshift/origin/blob/8ffdb0e38af1319da4a67e391ee9c973d865f727/tls/descriptions/descriptions.md#certificates-22-1

      https://github.com/openshift/cluster-etcd-operator/blob/master/pkg/tlshelpers/tlshelpers.go#L74

      See also:
      https://github.com/openshift/origin/blob/master/tls/descriptions/descriptions.md#Certificates-85

              tjungblu@redhat.com Thomas Jungblut
              rhn-coreos-htariq Haseeb Tariq
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: