Skip to content

Commit

Permalink
Merge pull request #9553 from johngmyers/fix-lifecycle
Browse files Browse the repository at this point in the history 
Add missing lifecycle to etcd keypair tasks
  • Loading branch information
@k8s-ci-robot
k8s-ci-robot committed Jul 12, 2020
2 parents 1a903f6 + ac13557 commit 046f3af
Showing 1 changed file with 16 additions and 12 deletions.
28 changes: 16 additions & 12 deletions pkg/model/components/etcdmanager/model.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -115,32 +115,36 @@ func (b *EtcdManagerBuilder) Build(c *fi.ModelBuilderContext) error {

// We create a CA keypair to enable secure communication
c.AddTask(&fitasks.Keypair{
Name: fi.String("etcd-manager-ca-" + etcdCluster.Name),
Subject: "cn=etcd-manager-ca-" + etcdCluster.Name,
Type: "ca",
Name: fi.String("etcd-manager-ca-" + etcdCluster.Name),
Lifecycle: b.Lifecycle,
Subject: "cn=etcd-manager-ca-" + etcdCluster.Name,
Type: "ca",
})

// We create a CA for etcd peers and a separate one for clients
c.AddTask(&fitasks.Keypair{
Name: fi.String("etcd-peers-ca-" + etcdCluster.Name),
Subject: "cn=etcd-peers-ca-" + etcdCluster.Name,
Type: "ca",
Name: fi.String("etcd-peers-ca-" + etcdCluster.Name),
Lifecycle: b.Lifecycle,
Subject: "cn=etcd-peers-ca-" + etcdCluster.Name,
Type: "ca",
})

// Because API server can only have a single client-cert, we need to share a client CA
if err := c.EnsureTask(&fitasks.Keypair{
Name: fi.String("etcd-clients-ca"),
Subject: "cn=etcd-clients-ca",
Type: "ca",
Name: fi.String("etcd-clients-ca"),
Lifecycle: b.Lifecycle,
Subject: "cn=etcd-clients-ca",
Type: "ca",
}); err != nil {
return err
}

if etcdCluster.Name == "cilium" {
c.AddTask(&fitasks.Keypair{
Name: fi.String("etcd-clients-ca-cilium"),
Subject: "cn=etcd-clients-ca-cilium",
Type: "ca",
Name: fi.String("etcd-clients-ca-cilium"),
Lifecycle: b.Lifecycle,
Subject: "cn=etcd-clients-ca-cilium",
Type: "ca",
})
}
}
Expand Down

0 comments on commit 046f3af

Please sign in to comment.