mirrors/kube-arangodb
1
0
Fork 0
mirror of https://github.com/arangodb/kube-arangodb.git synced 2024-12-14 11:57:37 +00:00
Code Activity

Set common name

Browse source
This commit is contained in:
Ewout Prangsma 2018-03-12 09:16:35 +01:00
parent 9b565b8e24
commit 8b1053a7b2
No known key found for this signature in database
GPG key ID: 4DBAD380D93D0698
2 changed files with 6 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
pkg/deployment/secrets.go
View file

@ -91,7 +91,8 @@ func (d *Deployment) ensureCACertificateSecret(spec api.TLSSpec) error {
if _, err := kubecli.CoreV1().Secrets(ns).Get(spec.CASecretName, metav1.GetOptions{}); k8sutil.IsNotFound(err) { if _, err := kubecli.CoreV1().Secrets(ns).Get(spec.CASecretName, metav1.GetOptions{}); k8sutil.IsNotFound(err) {
// Secret not found, create it // Secret not found, create it
owner := d.apiObject.AsOwner() owner := d.apiObject.AsOwner()
if err := createCACertificate(d.deps.Log, kubecli.CoreV1(), spec, ns, &owner); k8sutil.IsAlreadyExists(err) { deploymentName := d.apiObject.GetName()
if err := createCACertificate(d.deps.Log, kubecli.CoreV1(), spec, deploymentName, ns, &owner); k8sutil.IsAlreadyExists(err) {
// Secret added while we tried it also // Secret added while we tried it also
return nil return nil
} else if err != nil { } else if err != nil {

5
pkg/deployment/tls.go
View file

@ -23,6 +23,7 @@
package deployment package deployment
import ( import (
"fmt"
"strings" "strings"
"time" "time"
@ -42,7 +43,7 @@ const (
// createCACertificate creates a CA certificate and stores it in a secret with name // createCACertificate creates a CA certificate and stores it in a secret with name
// specified in the given spec. // specified in the given spec.
func createCACertificate(log zerolog.Logger, cli v1.CoreV1Interface, spec api.TLSSpec, namespace string, ownerRef *metav1.OwnerReference) error { func createCACertificate(log zerolog.Logger, cli v1.CoreV1Interface, spec api.TLSSpec, deploymentName, namespace string, ownerRef *metav1.OwnerReference) error {
dnsNames, ipAddresses, emailAddress, err := spec.GetAltNames() dnsNames, ipAddresses, emailAddress, err := spec.GetAltNames()
if err != nil { if err != nil {
log.Debug().Err(err).Msg("Failed to get alternate names") log.Debug().Err(err).Msg("Failed to get alternate names")
@ -50,6 +51,7 @@ func createCACertificate(log zerolog.Logger, cli v1.CoreV1Interface, spec api.TL
} }
options := certificates.CreateCertificateOptions{ options := certificates.CreateCertificateOptions{
CommonName: fmt.Sprintf("%s Root Certificate", deploymentName),
Hosts: append(dnsNames, ipAddresses...), Hosts: append(dnsNames, ipAddresses...),
EmailAddresses: emailAddress, EmailAddresses: emailAddress,
ValidFrom: time.Now(), ValidFrom: time.Now(),
@ -93,6 +95,7 @@ func createServerCertificate(log zerolog.Logger, cli v1.CoreV1Interface, serverN
} }
options := certificates.CreateCertificateOptions{ options := certificates.CreateCertificateOptions{
CommonName: serverNames[0],
Hosts: append(append(serverNames, dnsNames...), ipAddresses...), Hosts: append(append(serverNames, dnsNames...), ipAddresses...),
EmailAddresses: emailAddress, EmailAddresses: emailAddress,
ValidFrom: time.Now(), ValidFrom: time.Now(),