* Sync changes to Kubernetes secret through workqueue instead of goroutines with locks (#202)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit b12f85e82a)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* fix dynamic-cert.json permission (#196)
(cherry picked from commit 2fb4ae1e2e)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* Fix panic on nil secret (#204)
Use configured secret namespace/name in error message, to avoid panicing if the secret is invalid because it is nil
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit d9174a1f59)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* Do not update memory storage with a nil secret (#205)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 7ad41853e0)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* Avoid creating certs that violate Apple requirements for macOS 10.15 (#208)
* Prevent creating non-standards compliant certs.
Changes generated certificates to have a NotBefore based on either the
CA NotBefore or the current time. This prevents creation of certificates
that are valid for too long making them return errors on platforms like
MacOS.
* Add license header and add test cases
(cherry picked from commit 3e35acfa52)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
---------
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Co-authored-by: Siva Kanakala <siva.kanakala@suse.com>
Co-authored-by: Wesley <wesley19097@gmail.com>