Skip to content

Improve error messaging with OpenSSL #17

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 19, 2017
Merged

Improve error messaging with OpenSSL #17

merged 1 commit into from
Aug 19, 2017

Conversation

jpoon
Copy link
Contributor

@jpoon jpoon commented Aug 11, 2017

  • Confirmed this works on MacOS + Windows. Updated documentation to reflect dependencies needed
  • Simplified KubernetesClientConfiguration getting rid of some duplicate logic
  • Improve error messaging when calling OpenSSL

jpoon
jpoon commented Aug 11, 2017
View reviewed changes
src/Kubernetes.Auth.cs Outdated
else if (!string.IsNullOrWhiteSpace(config.ClientCertificateData) && !string.IsNullOrWhiteSpace(config.ClientCertificateKey))
{
var pfxFilePath = await Utils.GeneratePfxAsync(config).ConfigureAwait(false);
if (string.IsNullOrWhiteSpace(pfxFilePath))
Copy link
Contributor Author

@jpoon jpoon Aug 11, 2017
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

FYI. Updated GeneratePfxAsync to always return a path which makes this check moot.

@sesispla
Copy link
Contributor

LGTM. Thank you @jpoon!

brendandburns
brendandburns reviewed Aug 12, 2017
View reviewed changes
src/KubernetesClientConfiguration.cs Outdated
else

if (!cluster.ClusterEndpoint.SkipTlsVerify &&
string.IsNullOrWhiteSpace(cluster.ClusterEndpoint.CertificateAuthorityData))
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Certificate Authority is not actually required (imagine for example that a user uses a certificate signed by a generally accepted authority [e.g. let's encrypt]) it will all just work because of the default roots.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It seems you extended the null check to add certificate-data in your last PR. Should we leave it as is or considering all these fields are optional remove this check entirely?

@brendandburns
Copy link
Contributor

@jpoon LGTM, one small comment about certificate authority not being required.

Thanks!

@brendandburns
Copy link
Contributor

(oh and it needs a rebase now that I merged my PR. Sorry!)

@jpoon
Copy link
Contributor Author

jpoon commented Aug 14, 2017

Thanks @brendanburns. Rebased, squashed commits, and replied to your comment.

@brendandburns
Copy link
Contributor

LGTM, thanks.

@brendandburns brendandburns merged commit 720b7bd into kubernetes-client:master Aug 19, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@brendandburns brendandburns brendandburns left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jpoon @sesispla @brendandburns