Skip to content
This repository has been archived by the owner on Sep 2, 2022. It is now read-only.

k8s 1.19 golang 1.15 doesn't like the webhook cert generated #430

Open
sgraham785 opened this issue Mar 5, 2021 · 1 comment · May be fixed by #431
Open

k8s 1.19 golang 1.15 doesn't like the webhook cert generated #430

sgraham785 opened this issue Mar 5, 2021 · 1 comment · May be fixed by #431

Comments

@sgraham785
Copy link

sgraham785 commented Mar 5, 2021
edited

Kubernetes 1.19 updates Golang to 1.15+ which throws this error when trying to validate the webhook caBundle:

Post \"https://flink-operator-webhook-service.<namespace>.svc:443/mutate-flinkoperator-k8s-io-v1beta1-flinkcluster?timeout=30s\":
      x509: certificate relies on legacy Common Name field, use SANs or temporarily
      enable Common Name matching with GODEBUG=x509ignoreCN=0'\nkind: Status
message: 'Internal error occurred: failed calling webhook \"mflinkcluster.flinkoperator.k8s.io\":
  Post \"https://flink-operator-webhook-service.<namespace>.svc:443/mutate-flinkoperator-k8s-io-v1beta1-flinkcluster?timeout=30s\":
  x509: certificate relies on legacy Common Name field, use SANs or temporarily enable\n  Common Name matching with GODEBUG=x509ignoreCN=0'

Corrective PR to follow
@sgraham785 sgraham785 linked a pull request Mar 5, 2021 that will close this issue
Open
@pashtet04
Copy link

I applied generate-cert.yaml fixes from branch sgraham785:sg/add-san-to-cabundle, but still got an error while create flinkcluster

Error from server (InternalError): error when creating "processing.yaml": Internal error occurred: failed calling webhook "mflinkcluster.flinkoperator.k8s.io": Post "https://flink-operator-webhook-service.flink-operator-system.svc:443/mutate-flinkoperator-k8s-io-v1beta1-flinkcluster?timeout=30s": x509: certificate relies on legacy Common Name field, use SANs or temporarily enable Common Name matching with GODEBUG=x509ignoreCN=0

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@sgraham785 @pashtet04