You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
kube-rbac-proxy v0.15.0 logs a deprecation warning during startup:
Insecure listen address will be removed.
Using --insecure-listen-address won't be possible!
The ability to run kube-rbac-proxy without TLS certificates will be removed.
Not using --tls-cert-file and --tls-private-key-file won't be possible!
For more information, please go to https://github.com/brancz/kube-rbac-proxy/issues/187
We should investigate whether we can configure the argocd-operator kube-rbac-proxy to use explicitly configured certificates. We most likely can't use cert-manager in component-argocd, since that would create a circular dependency which would break bootstrapping.
kube-rbac-proxy v0.15.0 logs a deprecation warning during startup:
We should investigate whether we can configure the argocd-operator kube-rbac-proxy to use explicitly configured certificates. We most likely can't use cert-manager in component-argocd, since that would create a circular dependency which would break bootstrapping.
On OpenShift 4, we could use service serving certificates (cf. https://docs.openshift.com/container-platform/4.13/security/certificates/service-serving-certificate.html, but we don't have a similar solution for non-OCP4 (and the HackDay PoC currently depends on cert-manager, cf. https://github.com/projectsyn/k8s-service-ca-controller)
See also brancz/kube-rbac-proxy#187
The text was updated successfully, but these errors were encountered: