Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

vastly simplify the image registry trust configmap #287

Merged
merged 1 commit into from Jan 6, 2020
Merged

vastly simplify the image registry trust configmap #287

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
58 changes: 9 additions & 49 deletions pkg/operator/workloadcontroller/workload_controller_openshiftapiserver_v311_00.go
View file
Open in desktop
Expand Up @@ -306,57 +306,17 @@ func manageOpenShiftAPIServerImageImportCA_v311_00_to_latest(openshiftConfigClie
if err != nil {
return nil, false, err
}

casConfigMap, err := client.ConfigMaps(operatorclient.TargetNamespace).Get(
imageImportCAName, metav1.GetOptions{},
)
if err != nil && !apierrors.IsNotFound(err) {
return nil, false, err
} else if err != nil {
// There is no certificates to be added to the config map
// and the config map does not exist, nothing else to do.
if len(mergedCAs) == 0 {
return nil, false, nil
}

if casConfigMap, err = client.ConfigMaps(operatorclient.TargetNamespace).Create(
&corev1.ConfigMap{
ObjectMeta: metav1.ObjectMeta{
Namespace: operatorclient.TargetNamespace,
Name: imageImportCAName,
},
Data: mergedCAs,
},
); err != nil {
return nil, false, err
}

return casConfigMap, true, nil
requiredConfigMap := &corev1.ConfigMap{
ObjectMeta: metav1.ObjectMeta{
Namespace: operatorclient.TargetNamespace,
Name: imageImportCAName,
},
Data: mergedCAs,
}

// We have no certificates so there is no need to have a ConfigMap,
// we need to delete it.
if len(mergedCAs) == 0 {
if err := client.ConfigMaps(operatorclient.TargetNamespace).Delete(
imageImportCAName, &metav1.DeleteOptions{},
); err != nil {
return nil, false, err
}
casConfigMap.Data = mergedCAs
return casConfigMap, true, nil
}

if reflect.DeepEqual(mergedCAs, casConfigMap.Data) {
return casConfigMap, false, nil
}

casConfigMap.Data = mergedCAs
if casConfigMap, err = client.ConfigMaps(operatorclient.TargetNamespace).Update(
casConfigMap,
); err != nil {
return nil, false, err
}
return casConfigMap, true, nil
// this can leave configmaps mounted without any content, but that should not have an impact on functionality since empty and missing
// should logically be treated the same in the case of trust.
return resourceapply.ApplyConfigMap(client, recorder, requiredConfigMap)
}

func syncOpenShiftAPIServerTrustedCA_v311_00_to_latest(client coreclientv1.CoreV1Interface, recorder events.Recorder) error {
Expand Down