github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-23 11:50:44 +00:00
Code Issues Projects Releases Wiki Activity

When cert dir is relative, cert rotation builds incorrect symlinks

Browse Source 
Symlinks relative to a working directory were being constructed to the
wrong location, leading to failure to refresh client certs.
This commit is contained in:
Clayton Coleman 2017-11-02 00:34:34 -04:00
parent d595003e0d
commit 3ec453d0d0
No known key found for this signature in database
GPG Key ID: 3D16906B4F1C5CB3
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
staging/src/k8s.io/client-go/util/certificate/certificate_store.go
View File

@ -266,6 +266,13 @@ func (s *fileStore) updateSymlink(filename string) error {
return fmt.Errorf("file %q does not exist so it can not be used as the currently selected cert/key", filename)
}
// Ensure the source path is absolute to ensure the symlink target is
// correct when certDirectory is a relative path.
filename, err := filepath.Abs(filename)
if err != nil {
return err
}
// Create the 'updated' symlink pointing to the requested file name.
if err := os.Symlink(filename, updatedPath); err != nil {
return fmt.Errorf("unable to create a symlink from %q to %q: %v", updatedPath, filename, err)