weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Fix vault setup in e2e by reverting ttl duration

Browse Source 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
This commit is contained in:
joshvanl 2021-06-21 11:00:20 +01:00
parent d0e7ccd805
commit 680c4f4a41
1 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
test/e2e/framework/addon/vault/setup.go
View File

@ -394,7 +394,7 @@ func (v *VaultInitializer) setupRole() error {
params := map[string]string{
"allow_any_name": "true",
"max_ttl": "21600h",
"max_ttl": "2160h",
"key_type": "any",
"require_cn": "false",
"allowed_uri_sans": "spiffe://cluster.local/*",
@ -483,7 +483,7 @@ func (v *VaultInitializer) CreateKubernetesRole(client kubernetes.Interface, nam
params := map[string]string{
"allow_any_name": "true",
"max_ttl": "21600h",
"max_ttl": "2160h",
"key_type": "any",
"require_cn": "false",
"allowed_uri_sans": "spiffe://cluster.local/*",
@ -496,7 +496,7 @@ func (v *VaultInitializer) CreateKubernetesRole(client kubernetes.Interface, nam
_, err = v.proxy.callVault("POST", url, "", params)
if err != nil {
return fmt.Errorf("Error creating role %s: %s", v.Role, err.Error())
return fmt.Errorf("error creating role %s: %s", v.Role, err.Error())
}
// create policy
@ -509,8 +509,10 @@ func (v *VaultInitializer) CreateKubernetesRole(client kubernetes.Interface, nam
// # create approle
params = map[string]string{
"period": "24h",
"policies": v.Role,
"period": "24h",
"policies": v.Role,
"bound_service_account_names": serviceAccountName,
"bound_service_account_namespaces": namespace,
}
baseUrl := path.Join("/v1", "auth", v.KubernetesAuthPath, "role", v.Role)