Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add CA data to local up generated karmada config for enhanced security #5739

Merged
merged 1 commit into from
Oct 24, 2024
Merged

add CA data to local up generated karmada config for enhanced security #5739

merged 1 commit into from
Oct 24, 2024

Conversation

chaosi-zju
Copy link
Member

@chaosi-zju chaosi-zju commented Oct 24, 2024
edited by RainbowMango
Loading

What type of PR is this?

/kind feature

What this PR does / why we need it:

Execute karmadactl token create command failed, because the cluster is set insecure-skip-tls-verify=true in karmada config, that is a insecure config.

So, this PR add CA data to local up generated karmada config for enhanced security.

Which issue(s) this PR fixes:

Fixes #5738

Special notes for your reviewer:

test report:

$ karmadactl token create --print-register-command --kubeconfig ~/.kube/karmada.config --karmada-context karmada-apiserver                                                                                
karmadactl register 172.18.0.4:5443 --token yqnbkt.muyyaah5omv1s24d --discovery-token-ca-cert-hash sha256:4f12a0f772cdaecfb7e150992f627485485d75922ddae5080bcb50a79bf22971

Does this PR introduce a user-facing change?:

NONE

@karmada-bot karmada-bot added the kind/feature Categorizes issue or PR as related to a new feature. label Oct 24, 2024
@karmada-bot karmada-bot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label Oct 24, 2024
@chaosi-zju
Copy link
Member Author

@zhzhuang-zju

@zhzhuang-zju
Copy link
Contributor

thanks
/lgtm
assign @RainbowMango

@karmada-bot karmada-bot added the lgtm Indicates that a PR is ready to be merged. label Oct 24, 2024
@codecov-commenter
Copy link

⚠️ Please install the 'codecov app svg image' to ensure uploads and comments are reliably processed by Codecov.

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 40.85%. Comparing base (f19a4b5) to head (7cbee99).
Report is 6 commits behind head on master.

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #5739      +/-   ##
==========================================
+ Coverage   40.63%   40.85%   +0.21%     
==========================================
  Files         650      651       +1     
  Lines       55184    55256      +72     
==========================================
+ Hits        22426    22574     +148     
+ Misses      31321    31241      -80     
- Partials     1437     1441       +4
Flag Coverage Δ
unittests 40.85% <ø> (+0.21%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@zhzhuang-zju
Copy link
Contributor

/approve
/hold if @RainbowMango has some comments

@karmada-bot karmada-bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Oct 24, 2024
@karmada-bot
Copy link
Collaborator

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: zhzhuang-zju

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@karmada-bot karmada-bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Oct 24, 2024
@zhzhuang-zju
Copy link
Contributor

/hold cancel

@karmada-bot karmada-bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Oct 24, 2024
@karmada-bot karmada-bot merged commit 5e7d836 into karmada-io:master Oct 24, 2024
12 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@liangyuanpeng liangyuanpeng Awaiting requested review from liangyuanpeng

@mrlihanbo mrlihanbo Awaiting requested review from mrlihanbo

Assignees

@zhzhuang-zju zhzhuang-zju

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. kind/feature Categorizes issue or PR as related to a new feature. lgtm Indicates that a PR is ready to be merged. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

failed to get register command, err: no CA certificates found in kubeconfig
4 participants
@chaosi-zju @zhzhuang-zju @codecov-commenter @karmada-bot