commit 947226b935c77b86464b80e189e302bc05feb380
Author: Rafael Camargos <email address hidden>
Date: Fri Oct 29 18:18:07 2021 -0300
Ignore 500.200 alarm on kube rootca update
Generating a close-to-expiration certificate is a possible scenario of
the rootca update procedure but it is not handled within the
`kube-rootca-update-complete` command.
This adds the 'certificate expiring soon' (500.200) alarm to the
`kube-rootca-update-start` and `kube-rootca-update-complete` ignore list
in order to allow starting and completing the update using a certificate
that has an expiration date below the threshold.
Note that it is still not possible starting the update if the rootca
certificate has already expired. Same for generating an expired
certificate during the update.
Test Plan:
PASS: Verify that the rootca update can be started if a certificate is
expiring soon
PASS: Verify that the rootca update can be completed after generating a
certificate expiring soon
Closes-Bug: 1949238
Signed-off-by: Rafael Camargos <email address hidden>
Change-Id: I241861890f56abd32b35e6e7b465cfd0515b75d9
Reviewed: https:/ /review. opendev. org/c/starlingx /config/ +/816069 /opendev. org/starlingx/ config/ commit/ 947226b935c77b8 6464b80e189e302 bc05feb380
Committed: https:/
Submitter: "Zuul (22348)"
Branch: master
commit 947226b935c77b8 6464b80e189e302 bc05feb380
Author: Rafael Camargos <email address hidden>
Date: Fri Oct 29 18:18:07 2021 -0300
Ignore 500.200 alarm on kube rootca update
Generating a close-to-expiration certificate is a possible scenario of rootca- update- complete` command.
the rootca update procedure but it is not handled within the
`kube-
This adds the 'certificate expiring soon' (500.200) alarm to the rootca- update- start` and `kube-rootca- update- complete` ignore list
`kube-
in order to allow starting and completing the update using a certificate
that has an expiration date below the threshold.
Note that it is still not possible starting the update if the rootca
certificate has already expired. Same for generating an expired
certificate during the update.
Test Plan:
PASS: Verify that the rootca update can be started if a certificate is
expiring soon
PASS: Verify that the rootca update can be completed after generating a
certificate expiring soon
Closes-Bug: 1949238 d32b35e6e7b465c fd0515b75d9
Signed-off-by: Rafael Camargos <email address hidden>
Change-Id: I241861890f56ab