Loading...

XML

Word

Printable

Details

Type: Feature Request
Resolution: Done
Priority: Major
Fix Version/s: None
Affects Version/s: None
Component/s: GitOps
Labels:
- validated-pattern

Story Points:
5
Blocked:
False
Blocked Reason:
None
Ready:
False
Color Status:
Not Selected
Hierarchy Progress:
0
Hierarchy Progress Bar:

0% 0%

SFDC Cases Counter:
SFDC Cases Links:

Description

Source: https://github.com/redhat-developer/gitops-operator/issues/297

Description

When the gitops-operator is installed, by default the cluster ArgoCD instance uses self-signed certificates which can be an unexpected user experience if the default ingress router certificates are signed by a trusted CA. In the past I think this was necessary because the gitops-operator did not support the other kinds of ingress TLS termination (edge, reencrypt) but now that it does we should look at changing this default behavior.

Describe the solution you'd like
The gitops-operator's gitopsservice controller should reconcile the default cluster ArgoCD instance to set the route TLS termination to reencrypt:
spec:
server:
route:
enabled: true
tls:
termination: reencypt{{}}
Describe alternatives you've considered
It is possible to manually change the ArgoCD spec after installation and set this but since the operator "owns" the ArgoCD instance ideally it should be done there.

Attachments

Issue Links

is related to

GITOPS-3918 Use reencrypt on the default Argo CD instance

In Progress

Activity

People

Assignee:: Harriet Lawrence

Reporter:: Abhishek Veeramalla

Votes:: 3 Vote for this issue

Watchers:: 9 Start watching this issue

Dates

Created:: 2022/05/13 9:20 AM

Updated:: 2024/04/22 1:50 PM

Resolved:: 2024/01/11 1:47 PM