github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2026-01-13 11:25:19 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #41268 from pipejakob/public-signer

Browse Source 
Automatic merge from submit-queue (batch tested with PRs 41137, 41268)

Allow the CertificateController to use any Signer implementation.

**What this PR does / why we need it**:
This will allow developers to create `CertificateController`s with arbitrary `Signer`s, instead of forcing the use of `CFSSLSigner`. It matches the behavior of allowing an arbitrary `AutoApprover` to be passed in the constructor.

**Release note**:

```release-note
NONE
```

CC @mikedanese
This commit is contained in:
Kubernetes Submit Queue
2017-02-10 18:05:35 -08:00
committed by GitHub
parent aa724ae0a9 7682aa53b1
commit 198fcf60ca
3 changed files with 16 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
cmd/kube-controller-manager/app/certificates.go
View File

@@ -32,11 +32,17 @@ func startCSRController(ctx ControllerContext) (bool, error) {
return false, nil
}
c := ctx.ClientBuilder.ClientOrDie("certificate-controller")
signer, err := certcontroller.NewCFSSLSigner(ctx.Options.ClusterSigningCertFile, ctx.Options.ClusterSigningKeyFile)
if err != nil {
glog.Errorf("Failed to start certificate controller: %v", err)
return false, nil
}
certController, err := certcontroller.NewCertificateController(
c,
ctx.NewInformerFactory.Certificates().V1beta1().CertificateSigningRequests(),
ctx.Options.ClusterSigningCertFile,
ctx.Options.ClusterSigningKeyFile,
signer,
certcontroller.NewGroupApprover(ctx.Options.ApproveAllKubeletCSRsForGroup),
)
if err != nil {