Skip to content

openstack: pass through InsecureSkipVerify into openstack components#17908

Merged
k8s-ci-robot merged 2 commits intokubernetes:masterfrom
justinsb:map_insecure_cacert_for_openstack
Feb 2, 2026
Merged

openstack: pass through InsecureSkipVerify into openstack components#17908
k8s-ci-robot merged 2 commits intokubernetes:masterfrom
justinsb:map_insecure_cacert_for_openstack

Conversation

@justinsb
Copy link
Copy Markdown
Member

@justinsb justinsb commented Feb 1, 2026
edited
Loading

If the user has set InsecureSkipVerify in the kops cluster spec for openstack,
we should pass that through to the openstack clients we create, so that they
honor that setting.

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Feb 1, 2026
@k8s-ci-robot k8s-ci-robot requested a review from hakman February 1, 2026 16:18
@justinsb justinsb changed the title openstack: pass through InsecureSkipVerify into openstack components WIP: openstack: pass through InsecureSkipVerify into openstack components Feb 1, 2026
@k8s-ci-robot k8s-ci-robot requested a review from zetaab February 1, 2026 16:18
@k8s-ci-robot k8s-ci-robot added area/nodeup do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. labels Feb 1, 2026
@justinsb justinsb added this to the v1.35 milestone Feb 1, 2026
@justinsb
Copy link
Copy Markdown
Member Author

justinsb commented Feb 1, 2026

I think this should into 1.35

/milestone v1.35

@justinsb justinsb force-pushed the map_insecure_cacert_for_openstack branch from 955072d to 70c82e5 Compare February 1, 2026 17:43
@k8s-ci-robot k8s-ci-robot added size/L Denotes a PR that changes 100-499 lines, ignoring generated files. and removed size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Feb 1, 2026
@justinsb justinsb changed the title WIP: openstack: pass through InsecureSkipVerify into openstack components openstack: pass through InsecureSkipVerify into openstack components Feb 1, 2026
@k8s-ci-robot k8s-ci-robot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Feb 1, 2026
@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Feb 1, 2026
@k8s-ci-robot
Copy link
Copy Markdown
Contributor

k8s-ci-robot commented Feb 1, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: hakman

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Feb 1, 2026
@justinsb justinsb force-pushed the map_insecure_cacert_for_openstack branch from 70c82e5 to a8d9e0e Compare February 1, 2026 19:44
@k8s-ci-robot k8s-ci-robot removed the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Feb 1, 2026
@justinsb justinsb force-pushed the map_insecure_cacert_for_openstack branch from a8d9e0e to d22e1cf Compare February 1, 2026 23:33
@justinsb
openstack: pass through InsecureSkipVerify into openstack components
9af8517 
If the user has set InsecureSkipVerify in the kops cluster spec for openstack,
we should pass that through to the openstack clients we create, so that they
honor that setting.

We use a "private" environment variable KOPS_OS_TLS_INSECURE_SKIP_VERIFY,
because there is no well-known OpenStack environment variable for this purpose.
@justinsb justinsb force-pushed the map_insecure_cacert_for_openstack branch from d22e1cf to 9af8517 Compare February 1, 2026 23:37
@hakman
Fix boilerplate
1edae40 
Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>
@hakman hakman force-pushed the map_insecure_cacert_for_openstack branch from fbe1cc0 to 1edae40 Compare February 2, 2026 08:52
@hakman
Copy link
Copy Markdown
Member

hakman commented Feb 2, 2026

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Feb 2, 2026
@hakman
Copy link
Copy Markdown
Member

hakman commented Feb 2, 2026

/override pull-kops-e2e-k8s-aws-calico

@k8s-ci-robot
Copy link
Copy Markdown
Contributor

k8s-ci-robot commented Feb 2, 2026

@hakman: Overrode contexts on behalf of hakman: pull-kops-e2e-k8s-aws-calico

Details

In response to this:

/override pull-kops-e2e-k8s-aws-calico

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@k8s-ci-robot k8s-ci-robot merged commit 2025480 into kubernetes:master Feb 2, 2026
26 checks passed
@k8s-ci-robot k8s-ci-robot modified the milestones: v1.35, v1.36 Feb 2, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hakman hakman hakman approved these changes

@zetaab zetaab Awaiting requested review from zetaab

Assignees

@hakman hakman

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. area/nodeup cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.

Projects

None yet

Milestone

v1.36

Development

Successfully merging this pull request may close these issues.

3 participants

@justinsb @k8s-ci-robot @hakman