New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Graduate SecretsFilteredCaching feature gate to beta #6074
Comments
Issues go stale after 90d of inactivity. |
Stale issues rot after 30d of inactivity. |
/remove-lifecycle stale |
/remove-lifecycle rotten |
Customer upgraded to v1.13 to meet some additional requirements, but this change caused some unwarranted renewal of certificates because it was "missing" the label. Is this the intended behavior of this change? Was there a setting to prevent this from automatically renewing certificates? |
EXTRA INFO: this feature was promoted to Beta in 1.13: #6298 |
We recently upgraded one of our instances to v1.13.2 and found that it reissued one of our CA certs and one of the certs that it signed, but not 10 others also signed by the CA. This resulted in a bit of a mess due to poor dependency processing on our side. We tracked down the cause to this issue - nice spec write up by the way. We have several more instances due to be upgraded soon. Can I simply add the label The spec says "Users will have to ensure that Secrets they create are labelled. We can help them to discover which Secrets that are currently deployed to cluster and need labelling with a cmctl command." Is that help available yet? Thanks. |
@finnribm Normally, if you upgrade to a v1.12.x version before upgrading to v1.13, all secrets should be automatically labeled by the cert-manager controller. Alternatively, adding the IMPORTANT: See #6494 (comment) for more info about this issue and how to prevent it. |
|
This is a placeholder issue to gather people's feedback on
SecretsFilteredCaching
alpha featureIf you are using the secrets filtered caching and would like it to graduate to beta and eventually be enabled in GA, please add a comment about your usage experience:
controller.cert-manager.io/fao
labelhttps://github.com/cert-manager/cert-manager/blob/master/design/20221205-memory-management.md
#5824
/kind cleanup
The text was updated successfully, but these errors were encountered: