Use more portable invocation of base64 tool #48591
Conversation
…" option using the base64 command
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
cncf-cla: yes
✅ Pull request preview available for checkingBuilt without sensitive environment variables
To edit notification comments on pull requests, go to your Netlify site configuration. |
|
As mentioned in the comment (#48586 (comment)), It will be better if we could add a note. |
|
/retitle Use more portable invocation of base64 tool |
k8s-ci-robot
changed the title
| @@ -262,7 +262,7 @@ Finally, populate the signed certificate in the API object's status: | |||
|
|
|||
| ```shell | |||
| kubectl get csr my-svc.my-namespace -o json | \ | |||
| jq '.status.certificate = "'$(base64 ca-signed-server.pem | tr -d '\n')'"' | \ | |||
| jq '.status.certificate = "'$(base64 -i ca-signed-server.pem | tr -d '\n')'"' | \ | |||
There was a problem hiding this comment.
With the BSD version of base64 included with macOS, -i means "input file". It does not take a positional input file argument.
With the gnu version in most linux distros, -i is short for --ignore-garbage. It does allow for a positional input file argument.
There shouldn't be any "garbage" in the pem file, but it looks safe to use it to be compatible with either implementation.
There was a problem hiding this comment.
- We could add a comment (shell comment) to explain what's going on here. Otherwise, another contributor may come and "fix" it.
- We could use tabs for "Linux", "macOS" and "Windows" with the appropriate commands to run.
Description
During the "Upload the signed certificate" step (https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster/#upload-the-signed-certificate) the command didn't work without the "-i" option using the base64 command.
it had to be
Issue
#48586