Weihang Lo
b45d8a455e
Merge TLS only if TLS factory is set
...
Since `storage.tls` is optional, we should check its existence before
calling its methods.
2021-07-12 18:25:01 +08:00
Darren Shepherd
a60200ab9e
Merge tag 'v0.2.3'
2021-04-12 15:00:05 -07:00
galal-hussein
e34610a1ae
Add check to update dynamic listener cert in etcd only nodes
2021-03-01 21:52:45 +02:00
Brad Davidson
53f6b38760
Allow forcing cert reissuance (#28)
...
Refreshing the cert should force renewal as opposed to returning
early if the SANs aren't changing. This is currently breaking refresh
of expired certs as per:
https://github.com/rancher/k3s/issues/1621#issuecomment-669464318
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-08-10 17:12:39 -07:00
Darren Shepherd
479ab335d6
Add LoadOrGenClient to handle client cert generation
2020-08-10 17:12:39 -07:00
Darren Shepherd
2bfb7bd0cb
Fix error masking issue
...
Also don't do an extra lookup of TLS secret after update.
2020-08-10 17:12:39 -07:00
Darren Shepherd
ebebb82b9b
Add LoadOrGenClient to handle client cert generation
2020-08-01 23:37:51 -07:00
Darren Shepherd
3b42c52bec
Fix error masking issue
...
Also don't do an extra lookup of TLS secret after update.
2020-07-27 22:48:13 -07:00
Darren Shepherd
bcbb612b24
Stop using wrangler-api project
2020-07-14 13:09:07 -07:00
Darren Shepherd
bc68bf5499
Fix merging of the k8s secret to reduce the number of writes
2020-02-04 12:48:38 -07:00
Darren Shepherd
4e8035fa46
Fix go fmt/vet issues
2020-01-30 22:41:19 -07:00
Darren Shepherd
a75e84bc81
Add more helpers
2020-01-30 22:41:19 -07:00
Darren Shepherd
f1484a07b3
Add static storage and listener opts
2019-12-04 11:32:00 -07:00
Darren Shepherd
ccf76b35ea
Don't clobber secret key
...
On the start of a new server we do not want to blindly save the
cert because that will change the TLS key. Instead only write
to k8s on start if there is no secret in k8s. On start of the
controller it will sync up if the local file and k8s secret aren't
the same
2019-11-15 23:45:10 +00:00
Darren Shepherd
988d8dd3f4
Add info logging when certs change
2019-11-15 23:43:29 +00:00
Darren Shepherd
02b97e01f1
Attempt to minimize additional cert gens
2019-11-13 14:46:32 +00:00
Darren Shepherd
6c7ccae2fc
Save secret to k8s on start
2019-11-10 03:51:22 +00:00
Darren Shepherd
36c5023d47
Wrong address used
...
Fixes three issues
1. Use localaddr, not remoteaddr for CN
2. Don't return error from net.Listener.Accept
3. Try three times to save secret
2019-11-09 06:09:10 +00:00
Darren Shepherd
9adf776973
Fix issues in k8s storage
2019-11-08 19:00:53 +00:00
Darren Shepherd
af04867843
Refactor to not include a server by default
2019-10-30 19:14:34 -07:00