Merge pull request #126757 from my-git9/deadcode-pkiutil

kubeadm: remove unused function in util/pkiutil
2025-07-29 22:46:12 +00:00 · 2024-08-17 09:08:12 -07:00 · 2024-08-17 09:08:12 -07:00 · 0f095cf0ba
commit 0f095cf0ba
parent 66df84bc11 6b9e106c2f
2 changed files with 0 additions and 46 deletions
--- a/cmd/kubeadm/app/cmd/certs_test.go
+++ b/cmd/kubeadm/app/cmd/certs_test.go
@ -359,18 +359,12 @@ func TestRunGenCSR(t *testing.T) {
 	for _, name := range expectedCertificates {
 		_, err = pkiutil.TryLoadKeyFromDisk(certDir, name)
 		assert.NoErrorf(t, err, "failed to load key file: %s", name)
-
-		_, err = pkiutil.TryLoadCSRFromDisk(certDir, name)
-		assert.NoError(t, err, "failed to load CSR file: %s", name)
 	}

 	t.Log("The command generates kubeconfig files in the configured --kubeconfig-dir")
 	for _, name := range expectedKubeConfigs {
 		_, err = clientcmd.LoadFromFile(kubeConfigDir + "/" + name + ".conf")
 		assert.NoErrorf(t, err, "failed to load kubeconfig file: %s", name)
-
-		_, err = pkiutil.TryLoadCSRFromDisk(kubeConfigDir, name+".conf")
-		assert.NoError(t, err, "failed to load kubeconfig CSR file: %s", name)
 	}
 }

--- a/cmd/kubeadm/app/util/pkiutil/pki_helpers.go
+++ b/cmd/kubeadm/app/util/pkiutil/pki_helpers.go
@ -355,18 +355,6 @@ func TryLoadPrivatePublicKeyFromDisk(pkiPath, name string) (crypto.PrivateKey, c
 	}
 }

-// TryLoadCSRFromDisk tries to load the CSR from the disk
-func TryLoadCSRFromDisk(pkiPath, name string) (*x509.CertificateRequest, error) {
-	csrPath := pathForCSR(pkiPath, name)
-
-	csr, err := CertificateRequestFromFile(csrPath)
-	if err != nil {
-		return nil, errors.Wrapf(err, "could not load the CSR %s", csrPath)
-	}
-
-	return csr, nil
-}
-
 // PathsForCertAndKey returns the paths for the certificate and key given the path and basename.
 func PathsForCertAndKey(pkiPath, name string) (string, string) {
 	return pathForCert(pkiPath, name), pathForKey(pkiPath, name)
@ -507,34 +495,6 @@ func EncodeCSRPEM(csr *x509.CertificateRequest) []byte {
 	return pem.EncodeToMemory(&block)
 }

-func parseCSRPEM(pemCSR []byte) (*x509.CertificateRequest, error) {
-	block, _ := pem.Decode(pemCSR)
-	if block == nil {
-		return nil, errors.New("data doesn't contain a valid certificate request")
-	}
-
-	if block.Type != certutil.CertificateRequestBlockType {
-		return nil, errors.Errorf("expected block type %q, but PEM had type %q", certutil.CertificateRequestBlockType, block.Type)
-	}
-
-	return x509.ParseCertificateRequest(block.Bytes)
-}
-
-// CertificateRequestFromFile returns the CertificateRequest from a given PEM-encoded file.
-// Returns an error if the file could not be read or if the CSR could not be parsed.
-func CertificateRequestFromFile(file string) (*x509.CertificateRequest, error) {
-	pemBlock, err := os.ReadFile(file)
-	if err != nil {
-		return nil, errors.Wrap(err, "failed to read file")
-	}
-
-	csr, err := parseCSRPEM(pemBlock)
-	if err != nil {
-		return nil, errors.Wrapf(err, "error reading certificate request file %s", file)
-	}
-	return csr, nil
-}
-
 // NewCSR creates a new CSR
 func NewCSR(cfg CertConfig, key crypto.Signer) (*x509.CertificateRequest, error) {
 	RemoveDuplicateAltNames(&cfg.AltNames)