feat: Introduce Dedicated Istio Gateway Secret #2004
Conversation
kyma-bot
added
cla: yes
kyma-bot
added
size/XL
config/watcher/gateway.yaml
Outdated
| @@ -20,5 +20,5 @@ spec: | |||
| number: 443 | |||
| protocol: HTTPS | |||
| tls: | |||
| credentialName: klm-watcher | |||
| credentialName: istio-gateway-secret | |||
There was a problem hiding this comment.
Can you shortly explain why we have to change the credentailName here? also in this PR, you name it gateway-secret, and we previously have issue regarding alignment of resource name, #1721 (comment), please also have a reference to that decision for this renaming.
There was a problem hiding this comment.
If it make sense to have a short meeting to sync the decision, please don't hesitate bring it to team, you can sync this with @Tomasz-Smelcerz-SAP first.
There was a problem hiding this comment.
would klm-istio-gateway be more fitting then? Or klm-gatway?
I added the istio prefix since the last PR to make it more specific
There was a problem hiding this comment.
I would vote for klm-istio-gateway, it's an istio resource.
There was a problem hiding this comment.
I'll use that for now, but let's discuss it briefly after a daily.
| @@ -201,12 +204,21 @@ func setupManager(flagVar *flags.FlagVar, cacheOptions cache.Options, scheme *ma | |||
| go cleanupStoredVersions(flagVar.DropCrdStoredVersionMap, mgr, setupLog) | |||
| go scheduleMetricsCleanup(kymaMetrics, flagVar.MetricsCleanupIntervalInMinutes, mgr, setupLog) | |||
|
|
|||
| setupIstioGatewaySecretRotation(config, kcpClient, setupLog) | |||
There was a problem hiding this comment.
I would prefer put the goruntine declaration here so that aligns with above method and has a clear view that all of them are go rountine.
There was a problem hiding this comment.
That was the first idea but a linter that check function length had a problem with that. should I move all go routines to a separate function?
Closes #1890