mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-23 11:50:44 +00:00
Merge pull request #103187 from Haleygo/fix-dry-run-when-using-externalCA
Kubeadm init --dry-run should work when using an external ca
This commit is contained in:
commit
1345a802de
@ -386,9 +386,6 @@ func newInitData(cmd *cobra.Command, args []string, options *initOptions, out io
|
||||
// Validate that also the required kubeconfig files exists and are invalid, because
|
||||
// kubeadm can't regenerate them without the CA Key
|
||||
kubeconfigDir := options.kubeconfigDir
|
||||
if options.dryRun {
|
||||
kubeconfigDir = dryRunDir
|
||||
}
|
||||
if err := kubeconfigphase.ValidateKubeconfigsForExternalCA(kubeconfigDir, cfg); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
@ -18,6 +18,8 @@ package phases
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"strings"
|
||||
|
||||
"github.com/pkg/errors"
|
||||
@ -195,6 +197,20 @@ func runCerts(c workflow.RunData) error {
|
||||
}
|
||||
|
||||
fmt.Printf("[certs] Using certificateDir folder %q\n", data.CertificateWriteDir())
|
||||
|
||||
// If using an external CA while dryrun, copy CA cert to dryrun dir for later use
|
||||
if data.ExternalCA() && data.DryRun() {
|
||||
externalCAFile := filepath.Join(data.Cfg().CertificatesDir, kubeadmconstants.CACertName)
|
||||
fileInfo, _ := os.Stat(externalCAFile)
|
||||
contents, err := os.ReadFile(externalCAFile)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
err = os.WriteFile(filepath.Join(data.CertificateWriteDir(), kubeadmconstants.CACertName), contents, fileInfo.Mode())
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
|
@ -18,6 +18,8 @@ package phases
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
"path/filepath"
|
||||
|
||||
"github.com/pkg/errors"
|
||||
"k8s.io/kubernetes/cmd/kubeadm/app/cmd/options"
|
||||
@ -132,6 +134,19 @@ func runKubeConfigFile(kubeConfigFileName string) func(workflow.RunData) error {
|
||||
// if external CA mode, skip certificate authority generation
|
||||
if data.ExternalCA() {
|
||||
fmt.Printf("[kubeconfig] External CA mode: Using user provided %s\n", kubeConfigFileName)
|
||||
// If using an external CA while dryrun, copy kubeconfig files to dryrun dir for later use
|
||||
if data.DryRun() {
|
||||
externalCAFile := filepath.Join(kubeadmconstants.KubernetesDir, kubeConfigFileName)
|
||||
fileInfo, _ := os.Stat(externalCAFile)
|
||||
contents, err := os.ReadFile(externalCAFile)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
err = os.WriteFile(filepath.Join(data.KubeConfigDir(), kubeConfigFileName), contents, fileInfo.Mode())
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user