github/client-go
1
0
Fork 0
mirror of https://github.com/kubernetes/client-go.git synced 2025-07-31 23:00:26 +00:00
Code Issues Projects Releases Wiki Activity

When cert dir is relative, cert rotation builds incorrect symlinks

Browse Source 
Symlinks relative to a working directory were being constructed to the
wrong location, leading to failure to refresh client certs.

Kubernetes-commit: 3ec453d0d000a9bd3244d9d455f715bfe64d2e6b
This commit is contained in:
Clayton Coleman 2017-11-02 00:34:34 -04:00 committed by Kubernetes Publisher
parent 62461cc6ff
commit cb1d458c41
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
util/certificate/certificate_store.go
View File

@ -266,6 +266,13 @@ func (s *fileStore) updateSymlink(filename string) error {
return fmt.Errorf("file %q does not exist so it can not be used as the currently selected cert/key", filename)
}
// Ensure the source path is absolute to ensure the symlink target is
// correct when certDirectory is a relative path.
filename, err := filepath.Abs(filename)
if err != nil {
return err
}
// Create the 'updated' symlink pointing to the requested file name.
if err := os.Symlink(filename, updatedPath); err != nil {
return fmt.Errorf("unable to create a symlink from %q to %q: %v", updatedPath, filename, err)