fix panic with SIGSEGV in kubeadm certs check-expiration

carlory 2024-04-01 11:09:53 +08:00
parent 3dedb8eb8c
commit 363fee59e4
4 changed files with 17 additions and 14 deletions


@ -322,7 +322,7 @@ func (rm *Manager) CertificateExists(name string) (bool, error) {
return false, errors.Errorf("%s is not a known certificate", name)
}
return handler.readwriter.Exists(), nil
return handler.readwriter.Exists()
}
// GetCertificateExpirationInfo returns certificate expiration info.
@ -358,7 +358,7 @@ func (rm *Manager) CAExists(name string) (bool, error) {
return false, errors.Errorf("%s is not a known certificate", name)
}
return handler.readwriter.Exists(), nil
return handler.readwriter.Exists()
}
// GetCAExpirationInfo returns CA expiration info.


@ -54,8 +54,8 @@ type fakecertificateReadWriter struct {
cert *x509.Certificate
}
func (cr fakecertificateReadWriter) Exists() bool {
return cr.exist
func (cr fakecertificateReadWriter) Exists() (bool, error) {
return cr.exist, nil
}
func (cr fakecertificateReadWriter) Read() (*x509.Certificate, error) {
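Review bot: The fake can only ever report success (`return cr.exist, nil`), so the error that CertificateExists and CAExists now pass through cannot be exercised with it. I would add an error field to fakecertificateReadWriter and return it, for example `return cr.exist, cr.existErr`, where `existErr` is a proposed new field. A manager test could then assert that a failing existence check surfaces as an error and not as "certificate missing". The struct definition starts outside this hunk.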


@ -36,7 +36,7 @@ import (
// read or write a certificate stored/embedded in a file
type certificateReadWriter interface {
//Exists return true if the certificate exists
Exists() bool
Exists() (bool, error)
// Read a certificate stored/embedded in a file
Read() (*x509.Certificate, error)
@ -61,17 +61,20 @@ func newPKICertificateReadWriter(certificateDir string, baseName string) *pkiCer
}
// Exists checks if a certificate exist
func (rw *pkiCertificateReadWriter) Exists() bool {
func (rw *pkiCertificateReadWriter) Exists() (bool, error) {
certificatePath, _ := pkiutil.PathsForCertAndKey(rw.certificateDir, rw.baseName)
return fileExists(certificatePath)
}
func fileExists(filename string) bool {
func fileExists(filename string) (bool, error) {
info, err := os.Stat(filename)
if os.IsNotExist(err) {
return false
if err != nil {
if os.IsNotExist(err) {
return false, nil
}
return false, err
}
return !info.IsDir()
return !info.IsDir(), nil
}
// Read a certificate from a file the K8s pki managed by kubeadm
@ -120,7 +123,7 @@ func newKubeconfigReadWriter(kubernetesDir string, kubeConfigFileName string, ce
}
// Exists checks if a certificate embedded in kubeConfig file exists
func (rw *kubeConfigReadWriter) Exists() bool {
func (rw *kubeConfigReadWriter) Exists() (bool, error) {
return fileExists(rw.kubeConfigFilePath)
}
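Review bot: The doc comments were not updated for the new error return. `//Exists return true if the certificate exists` on the interface and `// Exists checks if a certificate exist` on both implementations still describe a bool-only result. I would spell out the contract, for example `// Exists reports whether the certificate file exists; a non-nil error means existence could not be determined (e.g. a stat failure other than not-exist) and must not be treated as "missing".` fileExists has no comment at all; one line stating that a directory at the path yields `false, nil` and that only a not-exist stat error is mapped to `false, nil` would make the three outcomes explicit for callers.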


@ -239,7 +239,7 @@ func TestFileExists(t *testing.T) {
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
if got := fileExists(tt.filename); got != tt.want {
if got, _ := fileExists(tt.filename); got != tt.want {
t.Errorf("fileExists() = %v, want %v", got, tt.want)
}
})
@ -295,7 +295,7 @@ func TestPKICertificateReadWriterExists(t *testing.T) {
baseName: tt.fields.baseName,
certificateDir: tt.fields.certificateDir,
}
if got := rw.Exists(); got != tt.want {
if got, _ := rw.Exists(); got != tt.want {
t.Errorf("pkiCertificateReadWriter.Exists() = %v, want %v", got, tt.want)
}
})
@ -338,7 +338,7 @@ func TestKubeConfigReadWriterExists(t *testing.T) {
rw := &kubeConfigReadWriter{
kubeConfigFilePath: tt.kubeConfigFilePath,
}
if got := rw.Exists(); got != tt.want {
if got, _ := rw.Exists(); got != tt.want {
t.Errorf("kubeConfigReadWriter.Exists() = %v, want %v", got, tt.want)
}
})
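Review bot: All three updated assertions discard the new error with `got, _ :=` (TestFileExists, TestPKICertificateReadWriterExists, TestKubeConfigReadWriterExists). The branch this commit adds in fileExists, a stat error that is not not-exist, is therefore never exercised. A regression to the old behaviour, which presumably dereferenced a nil FileInfo, would not be caught. I would capture the error, `got, err := fileExists(tt.filename)`, and check it against a proposed `wantErr` table field: `if (err != nil) != tt.wantErr { t.Fatalf("fileExists() error = %v, wantErr %v", err, tt.wantErr) }`. Adding one case whose stat fails for a reason other than a missing file, such as a path that runs through a regular file, would cover the fixed path. The test tables and function bodies start and end outside these hunks.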