Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
operator/certrotationcontroller/certrotationcontroller: make use of U…
…seSecretUpdateOnly UseSecretUpdateOnly is intended as a short term hack for a very specific use case, and it works in tandem with a particular carry patch applied to the openshift kube-apiserver. (openshift/kubernetes#1924) we will remove this when we migrate all of the affected secret objects to their intended type: https://issues.redhat.com/browse/API-1800 in short tls secrets used by this operator are reconciled by multiple controllers at the same time without any coordination. the issue is that the secret's crypto material can be regenerated, which has serious consequences for the platform as it can break external clients and the cluster itself.
- Loading branch information