Add CA guide #611

rgolangh · 2024-03-28T18:22:52Z

Fix memory unit from "mi:" to "Mi"
Add a guide on how to add a CA to pod or serverless workflow

github-actions · 2024-03-28T18:24:11Z

🎊 PR Preview 0d13994 has been successfully built and deployed. See the documentation preview: https://sonataflow-docs-preview-pr-611.surge.sh

domhanak

Thank @rgolangh I will dedicate time to try this tomorrow.

Couple of comments to check, nothing major.

serverlessworkflow/modules/ROOT/pages/cloud/operator/add-custom-ca-to-a-pod.md

domhanak · 2024-04-02T06:59:51Z

serverlessworkflow/modules/ROOT/pages/cloud/operator/add-custom-ca-to-a-pod.md

+      - /bin/bash
+      - -c
+      - |
+        curl -L https://gist.githubusercontent.com/rgolangh/b949d8617709d10ba6c690863e52f259/raw/bdea4d757a05b75935bbb57f3f05635f13927b34/Main.java -o curl.java


This is very nice. We need to get it from within apache kie space thought. It would be beneficial to have a working example in https://github.com/apache/incubator-kie-kogito-examples/tree/main/serverless-operator-examples
and reference the files here.

Let me know, not a hard requirements, yet I think it would go well with section 5 and 6.

so i'll add both this small main, and the example workflow or pod yaml to the examples

domhanak · 2024-04-02T07:00:37Z

serverlessworkflow/modules/ROOT/pages/cloud/operator/add-custom-ca-to-a-pod.md

+          name: kube-root-ca.crt
+```
+
+## Serverless Workflow Example


Consider adding an example to https://github.com/apache/incubator-kie-kogito-examples/tree/main/serverless-operator-examples

please suggest if I should create it directly under this folder, create a new one, or use one of the existing

imho a new folder for this example serverless-workflow-security-use-cases, and under that we add one for this case or just create one new folder for this and we can always move it around later.

serverlessworkflow/modules/ROOT/pages/cloud/operator/add-custom-ca-to-a-pod.md

rgolangh · 2024-04-02T09:24:05Z

@domhanak should I convert this to adoc?

domhanak · 2024-04-02T09:25:47Z

@rgolangh oh I did not notice that, apologies and yes please.

domhanak

Added some suggestion to fix the build ptal

serverlessworkflow/modules/ROOT/pages/cloud/operator/add-custom-ca-to-a-workflow-pod.adoc

domhanak · 2024-04-03T05:23:53Z

@tomasdavidorg do you want to take a peek?

tomasdavidorg

Just some minor comments.

serverlessworkflow/modules/ROOT/pages/cloud/operator/add-custom-ca-to-a-workflow-pod.adoc

ricardozanini

Thanks @rgolangh!!

@kaldesai can you also please take a look to add the writing to our standards? :)

serverlessworkflow/modules/ROOT/pages/cloud/operator/add-custom-ca-to-a-workflow-pod.adoc

kaldesai · 2024-04-03T13:12:32Z

serverlessworkflow/modules/ROOT/pages/cloud/operator/add-custom-ca-to-a-workflow-pod.adoc

+:keywords: kogito, sonataflow, workflow, serverless, operator, kubernetes, minikube, openshift, containers
+:keytool-docs: https://docs.oracle.com/en/java/javase/21/docs/specs/man/keytool.html
+
+If you're working with containers running Java applications and need to add a CA (Certificate Authority) certificate for secure communication, you can follow these steps. This guide assumes you are familiar with containers and have basic knowledge of working with YAML files.


Suggested change

If you're working with containers running Java applications and need to add a CA (Certificate Authority) certificate for secure communication, you can follow these steps. This guide assumes you are familiar with containers and have basic knowledge of working with YAML files.

You can follow these steps if you are working with containers running Java applications and need to add a CA (Certificate Authority) certificate for secure communication. This guide is just to let you know that you are familiar with containers and have basic knowledge of working with YAML files.

"This guide is just to let you know that you are familiar with containers"

this is not what this guide is about. is the original phrasing confusing or just plane wrong?

Agreed, this change would detour from the original goal.

@kaldesai ^

serverlessworkflow/modules/ROOT/pages/cloud/operator/add-custom-ca-to-a-workflow-pod.adoc

kaldesai · 2024-04-03T13:18:11Z

serverlessworkflow/modules/ROOT/pages/cloud/operator/add-custom-ca-to-a-workflow-pod.adoc

+
+=== Step 1: Obtain the CA Certificate
+
+Before proceeding, ensure you have the CA certificate file (in PEM format) that you want to add to the Java container. If you don't have it, you may need to obtain it from your system administrator or certificate provider.


Suggested change

Before proceeding, ensure you have the CA certificate file (in PEM format) that you want to add to the Java container. If you don't have it, you may need to obtain it from your system administrator or certificate provider.

Before proceeding, ensure you have the CA certificate file (in PEM format) that you want to add to the Java container. If you don't have it, you may need to obtain it from your system administrator or certificate provider.

serverlessworkflow/modules/ROOT/pages/cloud/operator/add-custom-ca-to-a-workflow-pod.adoc

kaldesai

@rgolangh I have added a few suggestions. Otherwise, your content looks good to me. Thank you!

Fixes: apache#610 Signed-off-by: Roy Golan <[email protected]>

rgolangh requested a review from domhanak as a code owner March 28, 2024 18:22

rgolangh force-pushed the add-CA-guide branch 2 times, most recently from 8c63118 to d801613 Compare March 28, 2024 18:38

domhanak requested changes Apr 2, 2024

View reviewed changes

domhanak linked an issue Apr 2, 2024 that may be closed by this pull request

Document adding a CA to a workflow #610

Closed

rgolangh force-pushed the add-CA-guide branch 3 times, most recently from 6c9b10c to 61cfcd9 Compare April 2, 2024 13:27

domhanak reviewed Apr 2, 2024

View reviewed changes

tomasdavidorg reviewed Apr 3, 2024

View reviewed changes

ricardozanini reviewed Apr 3, 2024

View reviewed changes

rgolangh force-pushed the add-CA-guide branch from ecf0504 to 2615799 Compare April 3, 2024 13:10

kaldesai reviewed Apr 3, 2024

View reviewed changes