DevFW-CICD/ingress-nginx-helm
16
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Ignore fake certificate for NGINXCertificateExpiry (#10694)

Browse source 
The fake certificate is only a fallback and it is okay-ish if it
expires.

Do not alert for its expiration.

Co-authored-by: Leonardo Taccari <leonardo@faire.ai>
This commit is contained in:
k8s-infra-cherrypick-robot 2023-11-29 09:03:10 -08:00 committed by GitHub
parent 7764e00ab4
commit aa3609046b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
charts/ingress-nginx/values.yaml
View file

@ -736,7 +736,7 @@ controller:
# # (i.e. delete `{host!="_"}` so also the default SSL certificate is
# # checked for expiration)
# - alert: NGINXCertificateExpiry
# expr: (avg(nginx_ingress_controller_ssl_expire_time_seconds) by (host) - time()) < 604800
# expr: (avg(nginx_ingress_controller_ssl_expire_time_seconds{host!="_"}) by (host) - time()) < 604800
# for: 1s
# labels:
# severity: critical