weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Use SecretTLSKey/SecretTLSCert functions

Browse Source
This commit is contained in:
James Munnelly 2017-09-10 23:13:17 +01:00
parent ae3171b8bf
commit 54a850383f
3 changed files with 18 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
pkg/issuer/ca/issue.go
View File

@ -23,13 +23,19 @@ const (
)
func (c *CA) Issue(crt *v1alpha1.Certificate) ([]byte, []byte, error) {
signerCert, signerKey, err := kube.GetKeyPair(c.cl, c.issuer.Namespace, c.issuer.Spec.CA.SecretRef.Name)
signerCert, err := kube.SecretTLSCert(c.secretsLister, c.issuer.Namespace, c.issuer.Spec.CA.SecretRef.Name)
if err != nil {
return nil, nil, err
}
_, signeeKey, err := kube.GetKeyPair(c.cl, crt.Namespace, crt.Spec.SecretName)
signerKey, err := kube.SecretTLSKey(c.secretsLister, c.issuer.Namespace, c.issuer.Spec.CA.SecretRef.Name)
if err != nil {
return nil, nil, err
}
signeeKey, err := kube.SecretTLSKey(c.secretsLister, c.issuer.Namespace, crt.Spec.SecretName)
if k8sErrors.IsNotFound(err) {
signeeKey, err = pki.GenerateRSAPrivateKey(2048)

12
pkg/issuer/ca/renew.go
View File

@ -9,15 +9,21 @@ import (
)
func (c *CA) Renew(crt *v1alpha1.Certificate) ([]byte, []byte, error) {
signerCert, signerKey, err := kube.GetKeyPair(c.cl, c.issuer.Namespace, c.issuer.Spec.CA.SecretRef.Name)
signerCert, err := kube.SecretTLSCert(c.secretsLister, c.issuer.Namespace, c.issuer.Spec.CA.SecretRef.Name)
if err != nil {
return nil, nil, err
}
_, signeeKey, err := kube.GetKeyPair(c.cl, crt.Namespace, crt.Spec.SecretName)
signerKey, err := kube.SecretTLSKey(c.secretsLister, c.issuer.Namespace, c.issuer.Spec.CA.SecretRef.Name)
if signeeKey == nil {
if err != nil {
return nil, nil, err
}
signeeKey, err := kube.SecretTLSKey(c.secretsLister, c.issuer.Namespace, crt.Spec.SecretName)
if err != nil {
return nil, nil, fmt.Errorf("error getting certificate private key: %s", err.Error())
}

2
pkg/issuer/ca/setup.go
View File

@ -26,7 +26,7 @@ const (
func (c *CA) Setup() (v1alpha1.IssuerStatus, error) {
update := c.issuer.DeepCopy()
cert, _, err := kube.GetKeyPair(c.cl, update.Namespace, update.Spec.CA.SecretRef.Name)
cert, err := kube.SecretTLSCert(c.secretsLister, update.Namespace, update.Spec.CA.SecretRef.Name)
if k8sErrors.IsNotFound(err) {
s := messageErrorGetKeyPair + err.Error()