Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

kubeadm: use EnsureCertificateAuthorityIsEmbedded() for file discovery #80966

Merged

Conversation

@neolit123
Copy link
Member

commented Aug 5, 2019

What this PR does / why we need it:
For file discovery, in case the user feeds a file for the CA
from the kubeconfig, make sure it's preloaded and embedded using
the new function EnsureCertificateAuthorityIsEmbedded().

This commit also applies cleanup:

  • unroll validateKubeConfig() into ValidateConfigInfo() as this way
    the default cluster can be re-used.
  • in ValidateConfigInfo() reuse the variable config instead of creating
    a new variable kubeconfig.
  • make the Ensure* functions return descriptive errors instead of
    wrapping the errors on the side of the callers.

Which issue(s) this PR fixes:

Fixes ##80065
remake of #80066

Special notes for your reviewer:
NONE

Does this PR introduce a user-facing change?:

kubeadm: fix "certificate-authority" files not being pre-loaded when using file discovery

Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:


/assign @fabriziopandini
@kubernetes/sig-cluster-lifecycle-pr-reviews
/kind bug cleanup
/priority backlog

kubeadm: use EnsureCertificateAuthorityIsEmbedded() for file discovery
For file discovery, in case the user feeds a file for the CA
from the kubeconfig, make sure it's preloaded and embedded using
the new function EnsureCertificateAuthorityIsEmbedded().

This commit also applies cleanup:
- unroll validateKubeConfig() into ValidateConfigInfo() as this way
the default cluster can be re-used.
- in ValidateConfigInfo() reuse the variable config instead of creating
a new variable kubeconfig.
- make the Ensure* functions return descriptive errors instead of
wrapping the errors on the side of the callers.
@neolit123

This comment has been minimized.

Copy link
Member Author

commented Aug 5, 2019

/hold

@yastij
Copy link
Member

left a comment

/lgtm

since the comments are addressed

@fabriziopandini
Copy link
Member

left a comment

Thanks @neolit123 for stepping in and completing this work!
/lgtm
/approve

@k8s-ci-robot

This comment has been minimized.

Copy link
Contributor

commented Aug 5, 2019

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: fabriziopandini, neolit123

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@neolit123

This comment has been minimized.

Copy link
Member Author

commented Aug 5, 2019

/hold cancel

@k8s-ci-robot k8s-ci-robot merged commit da30406 into kubernetes:master Aug 6, 2019

23 checks passed

cla/linuxfoundation neolit123 authorized
Details
pull-kubernetes-bazel-build Job succeeded.
Details
pull-kubernetes-bazel-test Job succeeded.
Details
pull-kubernetes-conformance-image-test Skipped.
pull-kubernetes-cross Skipped.
pull-kubernetes-dependencies Job succeeded.
Details
pull-kubernetes-e2e-gce Job succeeded.
Details
pull-kubernetes-e2e-gce-100-performance Job succeeded.
Details
pull-kubernetes-e2e-gce-csi-serial Skipped.
pull-kubernetes-e2e-gce-device-plugin-gpu Job succeeded.
Details
pull-kubernetes-e2e-gce-iscsi Skipped.
pull-kubernetes-e2e-gce-iscsi-serial Skipped.
pull-kubernetes-e2e-gce-storage-slow Skipped.
pull-kubernetes-godeps Skipped.
pull-kubernetes-integration Job succeeded.
Details
pull-kubernetes-kubemark-e2e-gce-big Job succeeded.
Details
pull-kubernetes-local-e2e Skipped.
pull-kubernetes-node-e2e Job succeeded.
Details
pull-kubernetes-node-e2e-containerd Job succeeded.
Details
pull-kubernetes-typecheck Job succeeded.
Details
pull-kubernetes-verify Job succeeded.
Details
pull-publishing-bot-validate Skipped.
tide In merge pool.
Details

@k8s-ci-robot k8s-ci-robot added this to the v1.16 milestone Aug 6, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.