github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Check whether static cert is already configured in UpdateTransportConfig

Browse Source 
- Also update test-cmd.sh to pass a signing ca to the kube controller
  manager, so CSRs work properly in integration tests.

Signed-off-by: Margo Crawford <margaretc@vmware.com>
This commit is contained in:
Margo Crawford
2021-12-07 15:58:46 -08:00
parent 0153febd9f
commit f015fd66ce
10 changed files with 169 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
hack/testdata/ca/ca.crt vendored Normal file
View File

@@ -0,0 +1,21 @@
# this is a test-only public key that is used in integration
# tests as the kube controller manager's signing certificate
# and the api server's client ca file.
# generated with 'openssl req -new -x509 -nodes -days 365000 -key ca.key -out ca.crt', set the CN to 127.0.0.1
-----BEGIN CERTIFICATE-----
MIICpjCCAY4CCQCP7S9OEzUZmDANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDDAkx
MjcuMC4wLjEwIBcNMjIwMTA0MjMzNDMyWhgPMzAyMTA1MDcyMzM0MzJaMBQxEjAQ
BgNVBAMMCTEyNy4wLjAuMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMI22ieHLxXpWc58JyCdYG9QmahHfdtDN6R9EwI674gmm81iUq0+bQBoyh4oASos
Xuc3i6Fc7S+rvEeReaYCYQOXk/KotajY3sSCNAGI9oHsdJmrtuLTcPX9vIgcqBU5
BiFaSQEkFtlSGKECI5l/mH+5uMsBkmx7YKj6LyvM/YAPv1WsWrM2IZVPj2eWMljh
uhaDOiQOhrSjmWZuOcRKPTui2IVqTjszuZ7A1r+sKHFSNgTFqEcVSCH8Jcja/35H
LvTpOLdfntVSvklCO20sDGXnNkxcLYz2i2Jm7ixksTeGFPbzfT9q7q3Vyi5FfVvQ
31cGieUwifk3toheQ63WdZMCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAXF6NCEdP
LMqgmtrfP5bl4F2QLRkVhmqoS88gsQHEUSb1ljz0Jwov4V4/m56Of+jHpQeFbsO7
dXfR4kN3J7cW3UZ8HddIiQvFHW8NPEQvmvVpWfEnNl8aXS9NilowMVDOGwvhQFFS
xsz+1OWXxrF+RpgYB+b0orjy7K1jYER+baXKeLU8JGPKXQGSR+0YomeC/xc2LznD
KfS8t/7D9jbKhFGvTC5x15MSy8rGcdCsFVxtkCmbuq1KwP5CYAyowZ/zCKPtBoKK
5F9TmayjX3AUvh4KVdeh8zrMhFdWmOihKlrj/bJyY0l/hbnROG+ipMPdcepCmfFA
r+6CBEIWxsxJTQ==
-----END CERTIFICATE-----

30
hack/testdata/ca/ca.key vendored Normal file
View File

@@ -0,0 +1,30 @@
# this is a test-only private key that is used in integration
# tests as the kube controller manager's signing key.
# generated with 'openssl genrsa 2048 > ca.key'
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAwjbaJ4cvFelZznwnIJ1gb1CZqEd920M3pH0TAjrviCabzWJS
rT5tAGjKHigBKixe5zeLoVztL6u8R5F5pgJhA5eT8qi1qNjexII0AYj2gex0mau2
4tNw9f28iByoFTkGIVpJASQW2VIYoQIjmX+Yf7m4ywGSbHtgqPovK8z9gA+/Vaxa
szYhlU+PZ5YyWOG6FoM6JA6GtKOZZm45xEo9O6LYhWpOOzO5nsDWv6wocVI2BMWo
RxVIIfwlyNr/fkcu9Ok4t1+e1VK+SUI7bSwMZec2TFwtjPaLYmbuLGSxN4YU9vN9
P2rurdXKLkV9W9DfVwaJ5TCJ+Te2iF5DrdZ1kwIDAQABAoIBAEpzQo+yl887hAzO
tSUgj048xJqoxUtfah4pQDczpo0317QVBAKbkqd8hDapOUEUf1D9jw5NlDMZD3UU
BGEqOkxpN/Lmz7SpZkRIcW1BNtY5cb1TASnUylHScgpvidOQ55Ozi5bfYc7vVLes
HT+DlU8pP/i6YoophbVhKuIMlAUZ2NkyoFdW+fFUj4r695JIrKIyct+uH+igem6G
OqiTMkAYPwaKHai/yl7UdLRek6xXn1IafTBfvYAL0mdQlOMgTpt/u1oa4EPoxytX
RbsulC6D2cmNlqvc0sQurbwfPeO+eCCwLeFs9aOPy7eWsujoj+lMFdB7oYQdqAEi
VK/p4JECgYEA8JSQMucMr81BZjNldCyLOKb1SHQzyyhrQxnFVEvbVHHCN18VDKf9
p4kjnR8GOqLx/j+gSIUS7nHG+KCLCiwFoK/y+xcf++6yyrv6L8qZq48F+RqoXgGU
H0rxAmdnxRuRVo7Qd2bXbcrvoqS7XVV4YQ1o9pYTEfiGzyxTSRFkyrkCgYEAzqmD
/rEimA/Jbn1MKH3f7U6W49uj6lJeRfxGfbBLqhPCVXOPgnSONjYchYs3TBAwbknm
yPBk6HNUhqnyrZ5Co3n57lSBRpKb4oNh7+n6rZQLT1aTX8Rpf26UVqxjzyuNlTe9
9DYcT9uJm3QI4cdl567KbhmdIJ3zELjri4dlbKsCgYEAhHBkiYEkPMtzyz1UBoZX
BhLzSLWfpaFUmxXeya8QyQXu8uiG//ai7s3SKzbfCPyW125TYFjRuS4taMWIhUsC
thjmXE+4rcoT5wNgkVqpCgasNRv1v/qCfk+VKcufFqU8dzgbjv+wbKKhFRo2gwUA
Rf1J4SVwzh3QqNAv8TOAFxECgYAimhVkponxRetnGYmP2guNMzRmcFcQm7v3Idc3
ojX5AxftsMydfiB1iTfbUETw8mD5hlwi1sU+eljzty7PzQjBUGH9ep6uj0uUcIUM
Y3O6bmg6X3eLeFploMErhe+sN1GcY1nlss2ovUxb/+Cg1P8F/KkeKCG73VZePWgK
05+ywwKBgQDbVh4uufob8ia/1xQxTgao90YeerihmwkdpUEIIU5a22GBOeIUr4jF
ciT4Nm8Rb3noFVzLj36N1LfzrZzmsLmdXzYLx3q2eXlGi3zay0n6mmS7yaRjGmQX
XNc/BzOWHfjPQakxzTsJJaCAPTlQ7+JXNlrLblYrSI5EjBWD1OUG6A==
-----END RSA PRIVATE KEY-----