Added rest client metrics for client TTL and rot. (#84382)

* Added rest client metrics for client TTL and rot. * Fixed foo bar comment, added nil checks * Moved rotation observation inside of old cert nil check block * Fixed rotation age logic. * fixed BUILD for exec plugin package * fixed null pointer dereference in exec.go * Updated metric name, bucket, used oldest cert. Kubernetes-commit: 9dcb3bfcff2024e4690d70262cad14668b1f2507
2025-09-05 17:10:27 +00:00 · 2019-11-22 17:29:30 -08:00
parent 571c0ef670
commit 775f4ddf38
5 changed files with 245 additions and 5 deletions
--- a/plugin/pkg/client/auth/exec/exec_test.go
+++ b/plugin/pkg/client/auth/exec/exec_test.go
@@ -97,6 +97,10 @@ func init() {
 	if err != nil {
 		panic(err)
 	}
+	cert.Leaf, err = x509.ParseCertificate(cert.Certificate[0])
+	if err != nil {
+		panic(err)
+	}
 	validCert = &cert
 }

@@ -760,7 +764,7 @@ func TestConcurrentUpdateTransportConfig(t *testing.T) {
 }

 // genClientCert generates an x509 certificate for testing. Certificate and key
-// are returned in PEM encoding.
+// are returned in PEM encoding. The generated cert expires in 24 hours.
 func genClientCert(t *testing.T) ([]byte, []byte) {
 	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
 	if err != nil {