Thanks to visit codestin.com
Credit goes to github.com

Skip to content

fix: adding the kube ca cert to the truststores #25586

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
ahus1 merged 2 commits into from
Dec 18, 2023
Merged

fix: adding the kube ca cert to the truststores #25586

ahus1 merged 2 commits into from
Dec 18, 2023

Conversation

@shawkins
Copy link
Contributor

@shawkins shawkins commented Dec 14, 2023

The only issue here is that we're not monitoring the file, so a rotation will require a manual restart of the keycloak instances. We could have the operator watch the kube-root-ca.crt configmap and restart the keycloaks.

closes #10794

@shawkins shawkins requested review from a team as code owners December 14, 2023 17:12
@ghost ghost added the team/cloud-native label Dec 14, 2023
ahus1
ahus1 reviewed Dec 15, 2023
View reviewed changes
@shawkins
Copy link
Contributor Author

shawkins commented Dec 15, 2023

@ahus1 the project_name convention is not currently used in the release notes, you may want to create an issue to replace all of those references.

@ghost ghost added the flaky-test label Dec 15, 2023
This was referenced Dec 15, 2023
Closed
Closed
@ahus1
Copy link
Contributor

ahus1 commented Dec 15, 2023

the project_name convention is not currently used in the release notes, you may want to create an issue to replace all of those references.

Thank you for pointing this out. I'm skipping it for now as we don't use the content directly for RHBK release notes, as RHBK release notes are created manually by using copy-and-past and re-arranging of contents. It will helps if the content you are copying contains the attributes.

Once someone from the cloud native team approves it, I'm happy to merge it.

mabartos
mabartos approved these changes Dec 18, 2023
View reviewed changes
Copy link
Contributor

@mabartos mabartos left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@shawkins Thanks, LGTM.

It's necessary to rebase and squash commits to pass the DCO check and WebAuthn job.

@shawkins shawkins enabled auto-merge (squash) December 18, 2023 13:21
@shawkins
Copy link
Contributor Author

shawkins commented Dec 18, 2023

It's necessary to rebase and squash commits to pass the DCO check and WebAuthn job.

Following the last suggestion by @stianst I'm just setting the DCO as passing and enabled auto-merge with a squashed message that includes the sign-off from the initial commit.

@shawkins shawkins mentioned this pull request Dec 18, 2023
Open
@ahus1 ahus1 self-assigned this Dec 18, 2023
@ghost ghost mentioned this pull request Dec 18, 2023
Closed
@ghost
Copy link

ghost commented Dec 18, 2023

Unreported flaky test detected

If the below flaky tests below are affected by the changes, please review and update the changes accordingly. Otherwise, a maintainer should report the flaky tests prior to merging the PR.

org.keycloak.testsuite.x509.X509BrowserCRLTest#loginFailedWithIntermediateRevocationListFromFile

Keycloak CI - FIPS IT (non-strict)

java.lang.RuntimeException: Could not create statement
	at org.jboss.arquillian.junit.Arquillian.methodBlock(Arquillian.java:313)
	at org.junit.runners.BlockJUnit4ClassRunner$1.evaluate(BlockJUnit4ClassRunner.java:100)
	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:366)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:103)
...

Report flaky test

org.keycloak.testsuite.x509.X509BrowserCRLTest#loginFailedWithIntermediateRevocationListFromFile

Keycloak CI - FIPS IT (strict)

java.lang.RuntimeException: Could not create statement
	at org.jboss.arquillian.junit.Arquillian.methodBlock(Arquillian.java:313)
	at org.junit.runners.BlockJUnit4ClassRunner$1.evaluate(BlockJUnit4ClassRunner.java:100)
	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:366)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:103)
...

Report flaky test

ghost
ghost reviewed Dec 18, 2023
View reviewed changes
Copy link

@ghost ghost left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unreported flaky test detected, please review

@ahus1 ahus1 disabled auto-merge December 18, 2023 14:54
@ahus1 ahus1 enabled auto-merge (squash) December 18, 2023 14:54
This was referenced Dec 18, 2023
Closed
Closed
ahus1
ahus1 approved these changes Dec 18, 2023
View reviewed changes
Copy link
Contributor

@ahus1 ahus1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approving as of @mabartos's review.

@ahus1 ahus1 merged commit bee7595 into keycloak:main Dec 18, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ahus1 ahus1 ahus1 approved these changes

@mabartos mabartos mabartos approved these changes

+1 more reviewer
Reviewers whose approvals may not affect merge requirements

Assignees

@ahus1 ahus1

Labels

flaky-test team/cloud-native

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Support importing Kubernetes CA

3 participants

@shawkins @ahus1 @mabartos