-
Story
-
Resolution: Done
-
Undefined
-
None
-
None
-
None
-
None
-
Strategic Product Work
-
2
-
False
-
-
False
-
OCPSTRAT-172 - [GA] Cert-manager support router to load secrets
-
-
Currently, router sets the rejection reason as ExternalCertificateSecretDeleted when the referenced secret gets deleted. As part of this issue, we want that reason to be updated to common ExternalCertificateValidationFailed since there isn't any strong requirement to keep two distinct reasons.
Background:
Due to the router's design (details in slack thread), it re-triggers the plugin chain with MODIFIED event (after the status is updated), leading to route status overwrite from ExternalCertificateSecretDeleted to ExternalCertificateValidationFailed see here. However, as per the Slack discussion, there isn't any requirement to keep both statuses, which solves the end-user's perspective of updating the route's status an extra time.
Scope:
This story is only scoped to update the rejection reason and not solve the root cause of the re-trigger with the MODIFIED event.
- is incorporated by
-
OCPBUGS-33958 Router should continuously monitor the existence of the secret(spec.tls.externalCertificate)
-
- Verified
-