Skip to content

Commit

Permalink
typecast check
Browse files Browse the repository at this point in the history
Signed-off-by: pjuarezd <[email protected]>
  • Loading branch information
pjuarezd committed May 24, 2024
1 parent 0860450 commit 4b697b0
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 5 deletions.
4 changes: 3 additions & 1 deletion pkg/controller/main-controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -1416,7 +1416,9 @@ func (c *Controller) handleSecret(obj interface{}, oldObj interface{}) {
klog.Infof("Secret '%s/%s' changed", secret.Namespace, secret.Name)
var oldSecret *corev1.Secret
if oldObj != nil {
oldSecret = oldObj.(*corev1.Secret)
if oldCasted, ok := oldObj.(*corev1.Secret); ok {
oldSecret = oldCasted
}
}
// Add new certificates to Transport Certs if any changed
if !c.TrustTLSCertificatesInSecretIfChanged(secret, oldSecret) {
Expand Down
8 changes: 4 additions & 4 deletions pkg/controller/operator.go
Original file line number Diff line number Diff line change
Expand Up @@ -252,12 +252,12 @@ func (c *Controller) trustIfChanged(newSecret *corev1.Secret, oldSecret *corev1.
klog.Errorf("Failed adding certs in field '%s' of '%s/%s' secret: %v", fieldToCompare, newSecret.Namespace, newSecret.Name, err)
}
} else {
// If filed was not present in old secret but is in new secret then is an addition, we trust it
// If field was not present in old secret but is in new secret then is an addition, we trust it
if err := c.addTLSCertificatesToTrustInTransport(newPublicCert); err == nil {
klog.Infof("Added certificates in field '%s' of '%s/%s' secret to trusted RootCA's", fieldToCompare, newSecret.Namespace, newSecret.Name)
return true
}
klog.Errorf("Failed adding certs in field %s of '%s/%s' secret: %v", fieldToCompare, newSecret.Namespace, newSecret.Name, err)
klog.Errorf("Failed adding certificates in field %s of '%s/%s' secret: %v", fieldToCompare, newSecret.Namespace, newSecret.Name, err)
}
}
return false
Expand All @@ -270,15 +270,15 @@ func (c *Controller) trustPEMInSecretField(secret *corev1.Secret, fieldToCompare
klog.Infof("Added certificates in field '%s' of '%s/%s' secret to trusted RootCA's", fieldToCompare, secret.Namespace, secret.Name)
return true
}
klog.Errorf("Failed adding certs in field '%s' of '%s/%s' secret: %v", fieldToCompare, secret.Namespace, secret.Name, err)
klog.Errorf("Failed adding certificates in field '%s' of '%s/%s' secret: %v", fieldToCompare, secret.Namespace, secret.Name, err)
}
return false
}

func (c *Controller) addTLSCertificatesToTrustInTransport(certificateData []byte) error {
var x509Certs []*x509.Certificate
current := certificateData
// A single PEM file could contain more than one certificate, keeping track of the index to help debugging
// A single PEM file could contain more than one certificates, keeping track of the index to help debugging
certIndex := 1
for len(current) > 0 {
var pemBlock *pem.Block
Expand Down

0 comments on commit 4b697b0

Please sign in to comment.