-
Notifications
You must be signed in to change notification settings - Fork 140
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: makes default knative secret local for serverless #1067
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -23,8 +23,6 @@ import ( | |
"sigs.k8s.io/controller-runtime/pkg/client" | ||
) | ||
|
||
const DefaultCertificateSecretName = "knative-serving-cert" | ||
|
||
func CreateSelfSignedCertificate(ctx context.Context, c client.Client, secretName, domain, namespace string, metaOptions ...MetaOptions) error { | ||
certSecret, err := GenerateSelfSignedCertificateAsSecret(secretName, domain, namespace) | ||
if err != nil { | ||
|
@@ -125,8 +123,8 @@ func generateCertificate(addr string) ([]byte, []byte, error) { | |
return certBuffer.Bytes(), keyBuffer.Bytes(), nil | ||
} | ||
|
||
// GetDefaultIngressCertificate copies ingress cert secrets from openshift-ingress ns to given namespace. | ||
func GetDefaultIngressCertificate(ctx context.Context, c client.Client, knativeSecret, namespace string) error { | ||
// PropagateDefaultIngressCertificate copies ingress cert secrets from openshift-ingress ns to given namespace. | ||
func PropagateDefaultIngressCertificate(ctx context.Context, c client.Client, secretName, namespace string) error { | ||
// Add IngressController to scheme | ||
runtime.Must(operatorv1.Install(c.Scheme())) | ||
defaultIngressCtrl, err := FindAvailableIngressController(ctx, c) | ||
|
@@ -141,7 +139,7 @@ func GetDefaultIngressCertificate(ctx context.Context, c client.Client, knativeS | |
return err | ||
} | ||
|
||
return copySecretToNamespace(ctx, c, defaultIngressSecret, knativeSecret, namespace) | ||
return copySecretToNamespace(ctx, c, defaultIngressSecret, secretName, namespace) | ||
} | ||
|
||
func FindAvailableIngressController(ctx context.Context, c client.Client) (*operatorv1.IngressController, error) { | ||
|
@@ -171,10 +169,6 @@ func GetSecret(ctx context.Context, c client.Client, namespace, name string) (*v | |
} | ||
|
||
func copySecretToNamespace(ctx context.Context, c client.Client, secret *v1.Secret, newSecretName, namespace string) error { | ||
// Get default name if newSecretName is empty | ||
if newSecretName == "" { | ||
newSecretName = DefaultCertificateSecretName | ||
} | ||
Comment on lines
-174
to
-177
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I am not sure we need to default this to anything. I would assume the caller does due diligence. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. If line 142 is the only usage, I think it is always going to be populated... |
||
newSecret := &v1.Secret{ | ||
ObjectMeta: metav1.ObjectMeta{ | ||
Name: newSecretName, | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this reflects the effect of this function a bit more accurately.