Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[master] Add validation to certificate rotation #4692

Merged
merged 2 commits into from
Dec 9, 2021
Merged

[master] Add validation to certificate rotation #4692

merged 2 commits into from
Dec 9, 2021

Conversation

galal-hussein
Copy link
Contributor

Signed-off-by: galal-hussein hussein.galal.ahmed.11@gmail.com

Proposed Changes

Add validation to certificate rotation service

Types of Changes

bugfix

Verification

  • test k3s certificate rotate --service foo
    the subcommand should return error:
service foo is not recognized

@galal-hussein
Add validation to certificate rotation
13a4dec 
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
@galal-hussein galal-hussein requested a review from a team as a code owner December 8, 2021 20:34
briandowns
briandowns reviewed Dec 8, 2021
View reviewed changes
pkg/cli/cert/cert.go Outdated
@@ -219,3 +223,23 @@ func backupCertificates(serverDataDir, agentDataDir string) (string, error) {
}
return tlsBackupDir, nil
}

func validateCertConfig() error {
for _, service := range cmds.ServicesList {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you create a helper method and simplify this logic?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

@galal-hussein
Add validation to certificate rotation
1069116 
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
brandond
brandond approved these changes Dec 8, 2021
View reviewed changes
pkg/cli/cert/cert.go
@@ -34,6 +34,20 @@ const (
k3sServerService = "-server"
)

var services = []string{
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

a more efficient way to do this would be to make this a map[string]struct{} or map[string]bool and then just see if the service name is in the map instead of having to walk the whole list each time, but this is fine.

@galal-hussein
Copy link
Contributor Author

CI is failing because of test validation flake, merging PR now

@galal-hussein galal-hussein merged commit 3985fd0 into k3s-io:master Dec 9, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@brandond brandond brandond approved these changes

@briandowns briandowns briandowns approved these changes

@dereknola dereknola dereknola approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@galal-hussein @brandond @briandowns @dereknola