Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add CA guide #611

Merged
merged 1 commit into from
Apr 16, 2024
Merged

Add CA guide #611

merged 1 commit into from
Apr 16, 2024

Conversation

rgolangh
Copy link
Contributor

@rgolangh rgolangh commented Mar 28, 2024

  • Fix memory unit from "mi:" to "Mi"
  • Add a guide on how to add a CA to pod or serverless workflow

Related-To: FLPATH-1069

@rgolangh rgolangh requested a review from domhanak as a code owner March 28, 2024 18:22
Copy link
Contributor

github-actions bot commented Mar 28, 2024

🎊 PR Preview 0d13994 has been successfully built and deployed. See the documentation preview: https://sonataflow-docs-preview-pr-611.surge.sh

@rgolangh rgolangh force-pushed the add-CA-guide branch 2 times, most recently from 8c63118 to d801613 Compare March 28, 2024 18:38
Copy link
Contributor

@domhanak domhanak left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank @rgolangh I will dedicate time to try this tomorrow.

Couple of comments to check, nothing major.

- /bin/bash
- -c
- |
curl -L https://gist.githubusercontent.com/rgolangh/b949d8617709d10ba6c690863e52f259/raw/bdea4d757a05b75935bbb57f3f05635f13927b34/Main.java -o curl.java
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is very nice. We need to get it from within apache kie space thought. It would be beneficial to have a working example in https://github.com/apache/incubator-kie-kogito-examples/tree/main/serverless-operator-examples
and reference the files here.

Let me know, not a hard requirements, yet I think it would go well with section 5 and 6.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

so i'll add both this small main, and the example workflow or pod yaml to the examples

name: kube-root-ca.crt
```

## Serverless Workflow Example
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

please suggest if I should create it directly under this folder, create a new one, or use one of the existing

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

imho a new folder for this example serverless-workflow-security-use-cases, and under that we add one for this case or just create one new folder for this and we can always move it around later.

@domhanak domhanak linked an issue Apr 2, 2024 that may be closed by this pull request
@rgolangh
Copy link
Contributor Author

rgolangh commented Apr 2, 2024

@domhanak should I convert this to adoc?

@domhanak
Copy link
Contributor

domhanak commented Apr 2, 2024

@rgolangh oh I did not notice that, apologies and yes please.

@rgolangh rgolangh force-pushed the add-CA-guide branch 3 times, most recently from 6c9b10c to 61cfcd9 Compare April 2, 2024 13:27
Copy link
Contributor

@domhanak domhanak left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added some suggestion to fix the build ptal

@domhanak
Copy link
Contributor

domhanak commented Apr 3, 2024

@tomasdavidorg do you want to take a peek?

Copy link
Contributor

@tomasdavidorg tomasdavidorg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just some minor comments.

Copy link
Member

@ricardozanini ricardozanini left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @rgolangh!!

@kaldesai can you also please take a look to add the writing to our standards? :)

:keywords: kogito, sonataflow, workflow, serverless, operator, kubernetes, minikube, openshift, containers
:keytool-docs: https://docs.oracle.com/en/java/javase/21/docs/specs/man/keytool.html

If you're working with containers running Java applications and need to add a CA (Certificate Authority) certificate for secure communication, you can follow these steps. This guide assumes you are familiar with containers and have basic knowledge of working with YAML files.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
If you're working with containers running Java applications and need to add a CA (Certificate Authority) certificate for secure communication, you can follow these steps. This guide assumes you are familiar with containers and have basic knowledge of working with YAML files.
You can follow these steps if you are working with containers running Java applications and need to add a CA (Certificate Authority) certificate for secure communication. This guide is just to let you know that you are familiar with containers and have basic knowledge of working with YAML files.

Copy link
Contributor Author

@rgolangh rgolangh Apr 3, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"This guide is just to let you know that you are familiar with containers"

this is not what this guide is about. is the original phrasing confusing or just plane wrong?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agreed, this change would detour from the original goal.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.


=== Step 1: Obtain the CA Certificate

Before proceeding, ensure you have the CA certificate file (in PEM format) that you want to add to the Java container. If you don't have it, you may need to obtain it from your system administrator or certificate provider.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
Before proceeding, ensure you have the CA certificate file (in PEM format) that you want to add to the Java container. If you don't have it, you may need to obtain it from your system administrator or certificate provider.
Before proceeding, ensure you have the CA certificate file (in PEM format) that you want to add to the Java container. If you don't have it, you may need to obtain it from your system administrator or certificate provider.

Copy link
Contributor

@kaldesai kaldesai left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@rgolangh I have added a few suggestions. Otherwise, your content looks good to me. Thank you!

@rgolangh rgolangh changed the title add CA guide Add CA guide Apr 9, 2024
@domhanak domhanak merged commit bdb1690 into apache:main Apr 16, 2024
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Document adding a CA to a workflow
5 participants