Add a kubectl create secret tls command #24719
Conversation
k8s-github-robot
added
size/L
| The public/private key pair must exist before hand. The public key certificate must be .PEM encoded and match the given private key.` | ||
|
|
||
| secretForTLSExample = ` # You can create a TLS secret using: | ||
| $ kubectl create secret tls tls-secret-name --cert=path to tls.cert --key=path to tls.key` |
| return fmt.Errorf("certificate must be specified.") | ||
| } | ||
| // TODO: Add more validation. | ||
| // 1. Public/private key pair match. |
There was a problem hiding this comment.
I see this one as required for merge. We really want to be sure that what people give us for these isn't borked.
|
@Kargakis generators! |
|
whatcanyoudo |
| The public/private key pair must exist before hand. The public key certificate must be .PEM encoded and match the given private key. | ||
|
|
||
| ``` | ||
| kubectl create secret tls NAME --cert=path to cert file --key=path to key file [--dry-run] |
There was a problem hiding this comment.
Suggest not using space in flag arguments. How about --cert=path/to/cert/file or --cert=CERTFILE
|
I'm now loading the key pair and throwing errors back, also added a unittest for the same. PTAL. |
| The public/private key pair must exist before hand. The public key certificate must be .PEM encoded and match the given private key.` | ||
|
|
||
| secretForTLSExample = ` # Create a new TLS secret named tls-secret with the given key pair: | ||
| $ kubectl create secret tls tls-secret --cert=path/to/tls.cert --key=path/to/tls.key` |
There was a problem hiding this comment.
I think we have stopped using the dollar sign in kubectl examples
|
I'd like to see a usage example in |
|
A couple more tests (noted in comments) and this lgtm. |
deads2k
added
release-note
bprashanth
force-pushed
the
kubectl_tls
branch
2 times, most recently
from
bb02fb9 to
c93aaac
Compare
|
PTAL, sorry for the huge delay in updating this. Got sidetracked with 1.3 stuff. |
k8s-github-robot
added
size/XL
|
@bprashanth I think it just needs an update to the help (some comments outstanding) and its ready. |
deads2k
added
the
lgtm
|
lgtm |
|
Forgot to git add file, inheriting LGTM |
bprashanth
added
lgtm
|
@k8s-bot test this [submit-queue is verifying that this PR is safe to merge] |
|
GCE e2e build/test passed for commit daa8e29. |
|
Automatic merge from submit-queue |
A somewhat hasty implementation that enables progress along: #20176 (comment), #24669, #20176 (comment) if associated parties have spare cycles. @kubernetes/kubectl
This change is