Skip to content

Commit

Permalink
Merge pull request #9230 from k8s-infra-cherrypick-robot/cherry-pick-…
Browse files Browse the repository at this point in the history
…9167-to-release-1.5

[release-1.5] 🐛Certificate paths in cloud-init scripts should not use a platform-dependent path separator
  • Loading branch information
k8s-ci-robot authored Aug 17, 2023
2 parents 75b1a94 + cdde1a8 commit be9088a
Showing 1 changed file with 18 additions and 18 deletions.
36 changes: 18 additions & 18 deletions util/secret/certificates.go
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ import (
"crypto/x509/pkix"
"encoding/hex"
"math/big"
"path/filepath"
"path"
"strings"
"time"

Expand Down Expand Up @@ -73,25 +73,25 @@ func NewCertificatesForInitialControlPlane(config *bootstrapv1.ClusterConfigurat
certificates := Certificates{
&Certificate{
Purpose: ClusterCA,
CertFile: filepath.Join(certificatesDir, "ca.crt"),
KeyFile: filepath.Join(certificatesDir, "ca.key"),
CertFile: path.Join(certificatesDir, "ca.crt"),
KeyFile: path.Join(certificatesDir, "ca.key"),
},
&Certificate{
Purpose: ServiceAccount,
CertFile: filepath.Join(certificatesDir, "sa.pub"),
KeyFile: filepath.Join(certificatesDir, "sa.key"),
CertFile: path.Join(certificatesDir, "sa.pub"),
KeyFile: path.Join(certificatesDir, "sa.key"),
},
&Certificate{
Purpose: FrontProxyCA,
CertFile: filepath.Join(certificatesDir, "front-proxy-ca.crt"),
KeyFile: filepath.Join(certificatesDir, "front-proxy-ca.key"),
CertFile: path.Join(certificatesDir, "front-proxy-ca.crt"),
KeyFile: path.Join(certificatesDir, "front-proxy-ca.key"),
},
}

etcdCert := &Certificate{
Purpose: EtcdCA,
CertFile: filepath.Join(certificatesDir, "etcd", "ca.crt"),
KeyFile: filepath.Join(certificatesDir, "etcd", "ca.key"),
CertFile: path.Join(certificatesDir, "etcd", "ca.crt"),
KeyFile: path.Join(certificatesDir, "etcd", "ca.key"),
}

// TODO make sure all the fields are actually defined and return an error if not
Expand Down Expand Up @@ -124,24 +124,24 @@ func NewControlPlaneJoinCerts(config *bootstrapv1.ClusterConfiguration) Certific
certificates := Certificates{
&Certificate{
Purpose: ClusterCA,
CertFile: filepath.Join(certificatesDir, "ca.crt"),
KeyFile: filepath.Join(certificatesDir, "ca.key"),
CertFile: path.Join(certificatesDir, "ca.crt"),
KeyFile: path.Join(certificatesDir, "ca.key"),
},
&Certificate{
Purpose: ServiceAccount,
CertFile: filepath.Join(certificatesDir, "sa.pub"),
KeyFile: filepath.Join(certificatesDir, "sa.key"),
CertFile: path.Join(certificatesDir, "sa.pub"),
KeyFile: path.Join(certificatesDir, "sa.key"),
},
&Certificate{
Purpose: FrontProxyCA,
CertFile: filepath.Join(certificatesDir, "front-proxy-ca.crt"),
KeyFile: filepath.Join(certificatesDir, "front-proxy-ca.key"),
CertFile: path.Join(certificatesDir, "front-proxy-ca.crt"),
KeyFile: path.Join(certificatesDir, "front-proxy-ca.key"),
},
}
etcdCert := &Certificate{
Purpose: EtcdCA,
CertFile: filepath.Join(certificatesDir, "etcd", "ca.crt"),
KeyFile: filepath.Join(certificatesDir, "etcd", "ca.key"),
CertFile: path.Join(certificatesDir, "etcd", "ca.crt"),
KeyFile: path.Join(certificatesDir, "etcd", "ca.key"),
}

// TODO make sure all the fields are actually defined and return an error if not
Expand All @@ -167,7 +167,7 @@ func NewControlPlaneJoinCerts(config *bootstrapv1.ClusterConfiguration) Certific
// NewCertificatesForWorker return an initialized but empty set of CA certificates needed to bootstrap a cluster.
func NewCertificatesForWorker(caCertPath string) Certificates {
if caCertPath == "" {
caCertPath = filepath.Join(DefaultCertificatesDir, "ca.crt")
caCertPath = path.Join(DefaultCertificatesDir, "ca.crt")
}

return Certificates{
Expand Down

0 comments on commit be9088a

Please sign in to comment.