weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Adds SecretsFilteredCaching alpha feature

Browse Source 
Signed-off-by: irbekrm <irbekrm@gmail.com>
This commit is contained in:
irbekrm 2023-02-21 12:20:53 +00:00
parent 0c071f8d2f
commit 53918b5d6c
2 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
internal/controller/feature/features.go
View File

@ -70,6 +70,17 @@ const (
// This feature will add BasicConstraints section with CA field defaulting to false; CA field will be set true if the Certificate resource spec has isCA as true
// Github Issue: https://github.com/cert-manager/cert-manager/issues/5539
UseCertificateRequestBasicConstraints featuregate.Feature = "UseCertificateRequestBasicConstraints"
// Owner: @irbekrm
// Alpha v1.12
// SecretsFilteredCaching reduces controller's memory consumption by
// filtering which Secrets are cached in full using
// `controller.cert-manager.io/fao` label. By default all Certificate
// Secrets are labelled with controller.cert-manager.io/fao label. Users
// can also label other Secrets, such as issuer credentials Secrets that
// they know cert-manager will need access to to speed up issuance.
// See https://github.com/cert-manager/cert-manager/blob/master/design/20221205-memory-management.md
SecretsFilteredCaching featuregate.Feature = "SecretsFilteredCaching"
)
func init() {
@ -88,4 +99,5 @@ var defaultCertManagerFeatureGates = map[featuregate.Feature]featuregate.Feature
LiteralCertificateSubject: {Default: false, PreRelease: featuregate.Alpha},
StableCertificateRequestName: {Default: false, PreRelease: featuregate.Alpha},
UseCertificateRequestBasicConstraints: {Default: false, PreRelease: featuregate.Alpha},
SecretsFilteredCaching: {Default: false, PreRelease: featuregate.Alpha},
}

2
make/e2e-setup.mk
View File

@ -213,7 +213,7 @@ comma = ,
# Helm's "--set" interprets commas, which means we want to escape commas
# for "--set featureGates". That's why we have "\$(comma)".
feature_gates_controller := $(subst $(space),\$(comma),$(filter AllAlpha=% AllBeta=% AdditionalCertificateOutputFormats=% ValidateCAA=% ExperimentalCertificateSigningRequestControllers=% ExperimentalGatewayAPISupport=% ServerSideApply=% LiteralCertificateSubject=% UseCertificateRequestBasicConstraints=%, $(subst $(comma),$(space),$(FEATURE_GATES))))
feature_gates_controller := $(subst $(space),\$(comma),$(filter AllAlpha=% AllBeta=% AdditionalCertificateOutputFormats=% ValidateCAA=% ExperimentalCertificateSigningRequestControllers=% ExperimentalGatewayAPISupport=% ServerSideApply=% LiteralCertificateSubject=% UseCertificateRequestBasicConstraints=% SecretsFilteredCaching=%, $(subst $(comma),$(space),$(FEATURE_GATES))))
feature_gates_webhook := $(subst $(space),\$(comma),$(filter AllAlpha=% AllBeta=% AdditionalCertificateOutputFormats=% LiteralCertificateSubject=%, $(subst $(comma),$(space),$(FEATURE_GATES))))
feature_gates_cainjector := $(subst $(space),\$(comma),$(filter AllAlpha=% AllBeta=%, $(subst $(comma),$(space),$(FEATURE_GATES))))