ContainerImage.Pinniped/internal/certauthority
Ryan Richard 80153f9a80 Allow app to start despite failing to borrow the cluster signing key
- Controller and aggregated API server are allowed to run
- Keep retrying to borrow the cluster signing key in case the failure
  to get it was caused by a transient failure
- The CredentialRequest endpoint will always return an authentication
  failure as long as the cluster signing key cannot be borrowed
- Update which integration tests are skipped to reflect what should
  and should not work based on the cluster's capability under this
  new behavior
- Move CreateOrUpdateCredentialIssuerConfig() and related methods
  to their own file
- Update the CredentialIssuerConfig's Status every time we try to
  refresh the cluster signing key
2020-08-25 18:22:53 -07:00
..
kubecertauthority Allow app to start despite failing to borrow the cluster signing key 2020-08-25 18:22:53 -07:00
testdata Extend certauthority to support loading an existing CA. 2020-07-27 12:33:33 -07:00
certauthority_test.go Switch back to an exec-based approach to grab the controller-manager CA. (#65) 2020-08-19 13:21:07 -05:00
certauthority.go Switch back to an exec-based approach to grab the controller-manager CA. (#65) 2020-08-19 13:21:07 -05:00