From 18197de483d5c24c54db4adac0a55c5edfa18b51 Mon Sep 17 00:00:00 2001 From: Ewout Prangsma Date: Thu, 22 Mar 2018 08:27:35 +0100 Subject: [PATCH] Fixed validation of tls.caSecretName=None --- pkg/apis/deployment/v1alpha/tls_spec.go | 12 +++++++----- pkg/apis/deployment/v1alpha/tls_spec_test.go | 1 + 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/pkg/apis/deployment/v1alpha/tls_spec.go b/pkg/apis/deployment/v1alpha/tls_spec.go index 47eb2b16e..a197cc019 100644 --- a/pkg/apis/deployment/v1alpha/tls_spec.go +++ b/pkg/apis/deployment/v1alpha/tls_spec.go @@ -71,11 +71,13 @@ func (s TLSSpec) GetAltNames() (dnsNames, ipAddresses, emailAddresses []string, // Validate the given spec func (s TLSSpec) Validate() error { - if err := k8sutil.ValidateOptionalResourceName(s.CASecretName); err != nil { - return maskAny(err) - } - if _, _, _, err := s.GetAltNames(); err != nil { - return maskAny(err) + if s.IsSecure() { + if err := k8sutil.ValidateOptionalResourceName(s.CASecretName); err != nil { + return maskAny(err) + } + if _, _, _, err := s.GetAltNames(); err != nil { + return maskAny(err) + } } return nil } diff --git a/pkg/apis/deployment/v1alpha/tls_spec_test.go b/pkg/apis/deployment/v1alpha/tls_spec_test.go index 9c2783572..e43c0fdca 100644 --- a/pkg/apis/deployment/v1alpha/tls_spec_test.go +++ b/pkg/apis/deployment/v1alpha/tls_spec_test.go @@ -33,6 +33,7 @@ func TestTLSSpecValidate(t *testing.T) { // Valid assert.Nil(t, TLSSpec{CASecretName: ""}.Validate()) assert.Nil(t, TLSSpec{CASecretName: "foo"}.Validate()) + assert.Nil(t, TLSSpec{CASecretName: "None"}.Validate()) assert.Nil(t, TLSSpec{AltNames: []string{}}.Validate()) assert.Nil(t, TLSSpec{AltNames: []string{"foo"}}.Validate()) assert.Nil(t, TLSSpec{AltNames: []string{"email@example.com", "127.0.0.1"}}.Validate())