Skip to content

Minimal Shell Operator example. #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 39 commits into
base: main
Choose a base branch
from
Draft

Minimal Shell Operator example. #3

wants to merge 39 commits into from

Conversation

flatheadmill
Copy link
Owner

No description provided.

@flatheadmill
Minimal Shell Operator example.
a2d3f1e
@flatheadmill
Create a Dockerfile.
bf6f331
@flatheadmill
Quote jq path argument.
8ccd7f5 
Zsh was unhappy with this copypasta Bash.
@flatheadmill
Working Step Operator.
2b0ce9c 
We now have a working Step Operator from the Quick Start.
@flatheadmill
Attempt to match by label.
841f84b
@flatheadmill
Let's see what happens every minute.
5332aee
@flatheadmill
Add our label.
73e4785
@flatheadmill
Let's switch to secrets.
3085fbd 
Now that we filter by label, we can work with secrets.
@flatheadmill
Rename our dummy certificate.
95a2b98
@flatheadmill
Use secrets in our hook.
17e91ce
@flatheadmill
Fix secret definition.
c980d02
@flatheadmill
Remove certificate.yaml.
047ecc0 
We're going to have a real certificate now. Not a serious one, but I
don't want to trigger any secret scanners.
@flatheadmill
Working renewal.
dd4089b 
Renewal within Kubernetes cluster now works. Going to reoganize to
preserve the debugging functions as commands according to the `README`
I've begun to write.
@flatheadmill
Reorganize for debugging.
09d5d97 
Create a common library with different executables for debugging.
@flatheadmill
Add builder version.
6782683
@flatheadmill
Remove lib directory.
8e9a325 
Since it all needs to be in `/hooks/`.
acreops and others added 11 commits January 21, 2024 04:32
@acreops
Fix base64 encoding, bad parameter substitution.
d3a71b1
@flatheadmill
Sketch of non tls type secrets with multiple certificates.
26ce93f
@flatheadmill
Working non-TLS type secrets.
ddd6841 
When working with OpenSearch I need to create an api certificate, a
certificate for a transport layer and client certificate for
administration of the cluster. These are all kept in the same secret so
they can be mounted in a directory next to each other.

Further more, the keys need be in PKCS#8 format.

Added an annotation for a colon separated list of key pairs in secret.
The pairs are slash delimited. Shouldn't be the case that someone needs
a slash or a colon in their key name so I'm not going to add escaping
for the delimiters. The pair can contain a third part which is the key
type either `pkcs8` or `pem`, but I'm not sure if `pem` is the right
name for the default format. If no pair string is provided it assumed to
be `"tls.crt/tls.key/pem"`.
@flatheadmill
Fix feed into renew_certificates function.
d9d1730
@flatheadmill
Remove debug printing.
14efeb3
@flatheadmill
Fix annotation.
f36c040 
You are only allowed one slash, so we placed our qualifier in hostname
part.
@flatheadmill
Adjust annotation again.
a75118e
@flatheadmill
Adjust label.
c5cb421
@flatheadmill
Fix step renewer configuration error.
f4a2fa5
@flatheadmill
Label presence only, tidy Zsh.
9926289
@flatheadmill
Fix label selector.
9d8c4a4
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@flatheadmill @acreops