This is an automated email from the ASF dual-hosted git repository.
dhanak pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/incubator-kie-kogito-docs.git
The following commit(s) were added to refs/heads/main by this push:
new d0f500384 Add missing instruction on adding the CA configmap (#669)
d0f500384 is described below
commit d0f500384a9efca1f00f5283f232be651f66f39b
Author: Roy Golan <[email protected]>
AuthorDate: Fri Sep 6 09:41:47 2024 +0300
Add missing instruction on adding the CA configmap (#669)
* Add missing instruction on adding the CA configmap
Signed-off-by: Roy Golan <[email protected]>
* Update
serverlessworkflow/modules/ROOT/pages/cloud/operator/add-custom-ca-to-a-workflow-pod.adoc
Co-authored-by: Ricardo Zanini
<[email protected]>
---------
Signed-off-by: Roy Golan <[email protected]>
Co-authored-by: Ricardo Zanini
<[email protected]>
---
.../pages/cloud/operator/add-custom-ca-to-a-workflow-pod.adoc | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git
a/serverlessworkflow/modules/ROOT/pages/cloud/operator/add-custom-ca-to-a-workflow-pod.adoc
b/serverlessworkflow/modules/ROOT/pages/cloud/operator/add-custom-ca-to-a-workflow-pod.adoc
index c9e1d3084..d94303106 100644
---
a/serverlessworkflow/modules/ROOT/pages/cloud/operator/add-custom-ca-to-a-workflow-pod.adoc
+++
b/serverlessworkflow/modules/ROOT/pages/cloud/operator/add-custom-ca-to-a-workflow-pod.adoc
@@ -136,6 +136,16 @@ spec:
Similar to a deployment spec, a serverless workflow has a spec.podTemplate,
with minor differences, but the change is almost identical.
In this case, we are mounting some ingress ca-bundle because we want our
workflow to reach the `.apps.my-cluster-name.my-cluster-domain` SSL endpoint.
+
+In this example, we pull the ingress CA of OpenShift's ingress deployment
because this is the CA that signs the target routes' certificates. It can be
any CA that is signing the target service certificate.
+Here's how to copy the ingress ca cert to the desired namespace:
+
+[source,shell]
+---
+kubectl config set-context --current --namespace=my-namespace
+kubectl get cm -n openshift-config-managed default-ingress-cert -o yaml | awk
'!/namespace:.*$/' | sed 's/default-ingress-cert/ingress-ca/' | kubectl create
-f -
+---
+
Here is the relevant spec section of a workflow with the changes:
[source,yaml]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
