Avoid multiple decode/encode of certificates

Question

Avoid multiple decode/encode of certificates

Closed this issue 4 months ago · 12 comments

          I have a feeling we are decoding/encoding certs in bundles multiple times already, and this adds another round of decode/encode. What about using a "Cert Pool" as an intermediate format between functions - instead of `[]string` or `[]byte`? We could fix this in a follow-up PR. Just wanted to note it here.

Originally posted by @erikgb in #303 (comment)

arsenalzp commented 7 months ago

/assign

Answer 1 · 2024-04-08T20:59:20.000Z

Hello,
Can I work on this?
If we have the final decision, I cat work on this issue to improve code usage and performance.
I would appreciate any suggestions how can we improve.
As far as I remember CertPool usage was suggested.

Answer 2 · 2024-04-08T21:01:14.000Z

Please do, @arsenalzp! 🎉 Anything that needs to be decided?

Answer 3 · 2024-04-08T21:10:16.000Z

Please do, @arsenalzp! 🎉 Anything that needs to be decided?

As usually, during the work process we finding out the best decision :)

Answer 4 · 2024-05-15T20:42:53.000Z

@arsenalzp Are you working on this issue? If not, I am considering to take a stab. 🤠

Answer 5 · 2024-05-16T14:25:53.000Z

@arsenalzp Are you working on this issue? If not, I am considering to take a stab. 🤠

Hello,
Sure, I don't forget about this issue, however I pushed all my strengths to pass one of AWS Architect exam.
Please, don't re-assign this issue to anyone else, I will manage with it soon :)

Answer 6 · 2024-06-27T09:49:33.000Z

Sorry for delayed response, I started working on this issue.
I found some changes were made for source.go and sync.go.

Answer 7 · 2024-06-30T11:53:02.000Z

Hello,
How do you think, should be maintain CertPool structure between all functions: in source.go, pem.go, cert_pool.go? Or just between pem.go and cert_pool.go and keep as it is in source.go?

Answer 8 · 2024-06-30T12:50:24.000Z

Hello,

How do you think, should be maintain CertPool structure between all functions: in source.go, pem.go, cert_pool.go? Or just between pem.go and cert_pool.go and keep as it is in source.go?

I am a bit out of context, but if it makes sense to keep the cert pool from source to target, I will imagine that would make the code more compact and easier to read/understand?

Answer 9 · 2024-07-19T15:02:52.000Z

I believe this can be closed after #375 is merged.

/close

Answer 10 · 2024-07-19T15:02:55.000Z

@erikgb: Closing this issue.

In response to this:

I believe this can be closed after #375 is merged.

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

Answer 11 · 2024-07-19T19:18:32.000Z

It happened, finally!
Thank you colleagues, you didn't forget about my work :)