kubeadm: drop duplicate function NewCACertAndKey

The function certs.NewCACertAndKey() is just a wrapper around pkiutil.NewCertificateAuthority() which doesn't add any additional functionality. Instead use pkiutil.NewCertificateAuthority() directly.
2025-09-17 07:03:31 +00:00 · 2019-04-18 16:31:20 +03:00
parent b32b742d97
commit 580513ed66
9 changed files with 16 additions and 49 deletions
--- a/cmd/kubeadm/app/util/certs/util.go
+++ b/cmd/kubeadm/app/util/certs/util.go
@@ -39,13 +39,6 @@ func SetupCertificateAuthorithy(t *testing.T) (*x509.Certificate, *rsa.PrivateKe
 	return caCert, caKey
 }

-// AssertCertificateIsCa is a utility function for kubeadm testing that asserts if a given certificate is a CA
-func AssertCertificateIsCa(t *testing.T, cert *x509.Certificate) {
-	if !cert.IsCA {
-		t.Error("cert is not a valida CA")
-	}
-}
-
 // AssertCertificateIsSignedByCa is a utility function for kubeadm testing that asserts if a given certificate is signed
 // by the expected CA
 func AssertCertificateIsSignedByCa(t *testing.T, cert *x509.Certificate, signingCa *x509.Certificate) {
--- a/cmd/kubeadm/app/util/pkiutil/pki_helpers.go
+++ b/cmd/kubeadm/app/util/pkiutil/pki_helpers.go
@@ -61,12 +61,12 @@ const (
 func NewCertificateAuthority(config *certutil.Config) (*x509.Certificate, *rsa.PrivateKey, error) {
 	key, err := NewPrivateKey()
 	if err != nil {
-		return nil, nil, errors.Wrap(err, "unable to create private key")
+		return nil, nil, errors.Wrap(err, "unable to create private key while generating CA certificate")
 	}

 	cert, err := certutil.NewSelfSignedCACert(*config, key)
 	if err != nil {
-		return nil, nil, errors.Wrap(err, "unable to create self-signed certificate")
+		return nil, nil, errors.Wrap(err, "unable to create self-signed CA certificate")
 	}

 	return cert, key, nil
--- a/cmd/kubeadm/app/util/pkiutil/pki_helpers_test.go
+++ b/cmd/kubeadm/app/util/pkiutil/pki_helpers_test.go
@@ -33,20 +33,17 @@ func TestNewCertificateAuthority(t *testing.T) {
 	cert, key, err := NewCertificateAuthority(&certutil.Config{CommonName: "kubernetes"})

 	if cert == nil {
-		t.Errorf(
-			"failed NewCertificateAuthority, cert == nil",
-		)
+		t.Error("failed NewCertificateAuthority, cert == nil")
+	} else if !cert.IsCA {
+		t.Error("cert is not a valida CA")
 	}
+
 	if key == nil {
-		t.Errorf(
-			"failed NewCertificateAuthority, key == nil",
-		)
+		t.Error("failed NewCertificateAuthority, key == nil")
 	}
+
 	if err != nil {
-		t.Errorf(
-			"failed NewCertificateAuthority with an error: %v",
-			err,
-		)
+		t.Errorf("failed NewCertificateAuthority with an error: %+v", err)
 	}
 }