tagarr opened a new pull request, #712: URL: https://github.com/apache/flink-kubernetes-operator/pull/712
## What is the purpose of the change If the FlinkDeployment CR is configured to use ssl, the operator is unable to properly reconcile the deployment as the underlying RestClient the operator uses tries to load the certificates defined in the config. ## Brief change log - Change helm chart to provide values for a cert-manager created jks secret and its password - Create env vars that define the location of the truststore (optionally keystore) on disk - If the deployments config isRestSSLEnabled, modify the config to point to the operators certs on creation of rest clients - Catch runtime exceptions on submitting flink applications or flink sessions if they are due to invalid ssl config ## Verifying this change This change added tests and can be verified as follows: - Added a SecureFlinkServiceTest to check that restclients are created when certs are defined and fail otherwise - Added flink tls examples and updated the README ## Does this pull request potentially affect one of the following parts: - Dependencies (does it add or upgrade a dependency): (no) - The public API, i.e., is any changes to the `CustomResourceDescriptors`: (no) - Core observer or reconciler logic that is regularly executed: (no) ## Documentation - Does this pull request introduce a new feature? (yes) - If yes, how is the feature documented? (docs) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@flink.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org