clear acme client cache whenever an acme issuer is changed

This is a very in-elegant solution to the problem, but it avoids having to look at other extant issuers and having background processes. Signed-off-by: Daniel Morsing <dmo@jetstack.io>
2019-01-24 15:41:11 +00:00 · 2019-01-24 15:41:11 +00:00 · e2123ccbb3
commit e2123ccbb3
parent 19f66c4053
2 changed files with 8 additions and 0 deletions
--- a/pkg/acme/acme.go
+++ b/pkg/acme/acme.go
@ -193,6 +193,12 @@ func lookupClient(spec *cmapi.ACMEIssuer, status *cmapi.ACMEIssuerStatus, pk *rs
 	return acmeCl
 }

+func ClearClientCache() {
+	clientRepoMu.Lock()
+	defer clientRepoMu.Unlock()
+	clientRepo = nil
+}
+
 // buildHTTPClient returns an HTTP client to be used by the ACME client.
 // For the time being, we construct a new HTTP client on each invocation.
 // This is because we need to set the 'skipTLSVerify' flag on the HTTP client
--- a/pkg/issuer/acme/setup.go
+++ b/pkg/issuer/acme/setup.go
@ -96,6 +96,8 @@ func (a *Acme) Setup(ctx context.Context) error {

 	}

+	acme.ClearClientCache()
+
 	cl, err := acme.ClientWithKey(a.issuer, pk)
 	if err != nil {
 		s := messageAccountVerificationFailed + err.Error()