mirrors/tailscale
1
0
Fork 0
Code Issues Pull Requests Projects Wiki Activity
3a2c92f08e
tailscale/envknob
History
Irbe Krumina 34734ba635
ipn/store/kubestore,kube,envknob,cmd/tailscaled/depaware.txt: allow kubestore read/write custom TLS secrets (#15307) 
This PR adds some custom logic for reading and writing
kube store values that are TLS certs and keys:
1) when store is initialized, lookup additional
TLS Secrets for this node and if found, load TLS certs
from there
2) if the node runs in certs 'read only' mode and
TLS cert and key are not found in the in-memory store,
look those up in a Secret
3) if the node runs in certs 'read only' mode, run
a daily TLS certs reload to memory to get any
renewed certs

Updates tailscale/corp#24795

Signed-off-by: Irbe Krumina <irbe@tailscale.com>
2025-03-18 15:09:22 +00:00
..
featureknob envknob/featureknob: allow use of exit node on unraid (#14754) 2025-01-26 15:35:58 +00:00
logknob all: use iterators in more places instead of Range funcs 2025-01-04 11:01:00 -08:00
envknob_nottest.go all: update copyright and license headers 2023-01-27 15:36:29 -08:00
envknob_testable.go all: update copyright and license headers 2023-01-27 15:36:29 -08:00
envknob.go ipn/store/kubestore,kube,envknob,cmd/tailscaled/depaware.txt: allow kubestore read/write custom TLS secrets (#15307) 2025-03-18 15:09:22 +00:00