Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add documentation for externalCertificate option in secure routes #76046

Open
git001 opened this issue May 16, 2024 · 3 comments
Open

Add documentation for externalCertificate option in secure routes #76046

git001 opened this issue May 16, 2024 · 3 comments
Labels
lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed.

Comments

@git001
Copy link

git001 commented May 16, 2024

Which section(s) is the issue in?

https://docs.openshift.com/container-platform/4.14/networking/routes/secured-routes.html

What needs fixing?

With PR openshift/router#565 is it now possible to use a secret object for Route object similar to Ingress Object.

I haven't seen anything about this option in the 4.14 nor in 4.15 doc except in the API doc.

It would be nice to have documented this in the secure routes and maybe a hint in the ingress object doc that this is possible since 4.14.

Please add also in the the documentation how to activate the feature-gate RouteExternalCertificate in already installed clusters which was updated from OpenShift versions below 4.14 to 4.14+, because of that statement.

Everything is behind AllowExternalCertificates flag which is true when cluster-ingress-operator sets it, if RouteExternalCertificate feature-gate is enabled.
@openshift-bot
Copy link

Issues go stale after 90d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle stale

@openshift-ci openshift-ci bot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Aug 15, 2024
@lunarwhite
Copy link
Member

The document is now available at: https://docs.openshift.com/container-platform/4.16/networking/routes/secured-routes.html#nw-ingress-route-secret-load-external-cert_secured-routes

Additionally, there is a detailed guide on how to integrating this feature with cert-manager: https://docs.openshift.com/container-platform/4.16/security/cert_manager_operator/cert-manager-securing-routes.html

This is a Tech Preview feature introduced in OCP 4.16, and in general Tech Preview features won't be backported to older versions. For information on how to enable a Tech Preview feature, please refer to: https://docs.openshift.com/container-platform/4.16/nodes/clusters/nodes-cluster-enabling-features.html

Hope these help!

@openshift-bot
Copy link

Stale issues rot after 30d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle rotten
/remove-lifecycle stale

@openshift-ci openshift-ci bot added lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Oct 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@git001 @openshift-bot @lunarwhite