Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
data: add approve-csr service to approve CSRs until bootstrap is comp…
…lete PR for cluster-machine-approver [1] is taking over the approval of CSRs for client certificates for Machines that end up as Nodes in Openshift clusters. But during bootstrapping, cluster-machine-approver is not available and therefore, this service is required to approve CSRs until we have successfully bootstrapped the control plane, after which cluster-machine-approver or users take over the role of approving any new CSRs. Currently, all CSRs are automatically approved without any condition, this PR scopes it to only during bootstrapping phase, securing the endpoint for later use. [1]: openshift/cluster-machine-approver#26
- Loading branch information