James Sturtevant
James Sturtevant
/hold Going to see what this looks like if I merge run with and NewServer
> With OSM installed, c1 cannot access c2 services due to failed mTLS authn. Is it possible to make them talk with OSM installed? Maybe a readme could be helpful...
Just added a few notes from looking into this issue: Webhooks that need updates: [Mutating Webhook](https://github.com/openservicemesh/osm/blob/8030047c6dd9d237522b63e28fe175ec9a08fb74/pkg/injector/webhook.go#L39) [CRD conversion webhook](https://github.com/openservicemesh/osm/blob/fa17242a34b39d87b6555774795563aede46efaa/pkg/crdconversion/crdconversion.go#L41) [Validating webhook](https://github.com/openservicemesh/osm/blob/8030047c6dd9d237522b63e28fe175ec9a08fb74/pkg/validator/server.go#L35) Rotation subscriptions: https://github.com/openservicemesh/osm/blob/7abf10d787d37cbc79c207888e70248c3a9eef66/pkg/certificate/manager.go#L341 Cert management details: https://release-v1-2.docs.openservicemesh.io/docs/guides/certificates/ rotation steps:...
after looking into I believe this might already be partially implemented via: https://github.com/openservicemesh/osm/blob/8030047c6dd9d237522b63e28fe175ec9a08fb74/pkg/validator/server.go#L52-L54 and https://github.com/openservicemesh/osm/blob/8030047c6dd9d237522b63e28fe175ec9a08fb74/pkg/injector/webhook.go#L352-L361 It looks like the other two web hooks do similar things: https://github.com/openservicemesh/osm/blob/fa17242a34b39d87b6555774795563aede46efaa/pkg/crdconversion/crdconversion.go#L74 https://github.com/openservicemesh/osm/blob/fa17242a34b39d87b6555774795563aede46efaa/pkg/crdconversion/crdconversion.go#L95-L98 These appear...
actually, it looks like the webhooks don't currently subscribe to events via https://github.com/openservicemesh/osm/blob/7abf10d787d37cbc79c207888e70248c3a9eef66/pkg/certificate/manager.go#L341
Synced with @steeling, this work is complete but dependent on cert-rotation work to be released
/cc @haircommander @bobbypage @marosset @dcantah
/assign @haircommander @bobbypage @dchen1107