Final fixes and cleanup for state management

Fix dind and local and etcd snapshots add ExternalFlags and dialer options
2025-09-17 23:49:06 +00:00 · 2018-11-08 01:54:08 +02:00
parent 6da35256a8
commit 696b61679c
18 changed files with 353 additions and 601 deletions
--- a/pki/util.go
+++ b/pki/util.go
@@ -197,7 +197,7 @@ func GetConfigTempPath(name string) string {
 	return fmt.Sprintf("%skubecfg-%s.yaml", TempCertPath, name)
 }

-func ToCertObject(componentName, commonName, ouName string, cert *x509.Certificate, key *rsa.PrivateKey) CertificatePKI {
+func ToCertObject(componentName, commonName, ouName string, certificate *x509.Certificate, key *rsa.PrivateKey) CertificatePKI {
 	var config, configPath, configEnvName string
 	if len(commonName) == 0 {
 		commonName = getDefaultCN(componentName)
@@ -208,6 +208,8 @@ func ToCertObject(componentName, commonName, ouName string, cert *x509.Certifica
 	caCertPath := GetCertPath(CACertName)
 	path := GetCertPath(componentName)
 	keyPath := GetKeyPath(componentName)
+	certificatePEM := string(cert.EncodeCertPEM(certificate))
+	keyPEM := string(cert.EncodePrivateKeyPEM(key))

 	if componentName != CACertName && componentName != KubeAPICertName && !strings.Contains(componentName, EtcdCertName) && componentName != ServiceAccountTokenKeyName {
 		config = getKubeConfigX509("https://127.0.0.1:6443", "local", componentName, caCertPath, path, keyPath)
@@ -216,18 +218,20 @@ func ToCertObject(componentName, commonName, ouName string, cert *x509.Certifica
 	}

 	return CertificatePKI{
-		Certificate:   cert,
-		Key:           key,
-		Config:        config,
-		Name:          componentName,
-		CommonName:    commonName,
-		OUName:        ouName,
-		EnvName:       envName,
-		KeyEnvName:    keyEnvName,
-		ConfigEnvName: configEnvName,
-		Path:          path,
-		KeyPath:       keyPath,
-		ConfigPath:    configPath,
+		Certificate:    certificate,
+		Key:            key,
+		CertificatePEM: certificatePEM,
+		KeyPEM:         keyPEM,
+		Config:         config,
+		Name:           componentName,
+		CommonName:     commonName,
+		OUName:         ouName,
+		EnvName:        envName,
+		KeyEnvName:     keyEnvName,
+		ConfigEnvName:  configEnvName,
+		Path:           path,
+		KeyPath:        keyPath,
+		ConfigPath:     configPath,
 	}
 }

@@ -394,3 +398,29 @@ func deepEqualIPsAltNames(oldIPs, newIPs []net.IP) bool {
 	}
 	return reflect.DeepEqual(oldIPsStrings, newIPsStrings)
 }
+
+func TransformPEMToObject(in map[string]CertificatePKI) map[string]CertificatePKI {
+	out := map[string]CertificatePKI{}
+	for k, v := range in {
+		certs, _ := cert.ParseCertsPEM([]byte(v.CertificatePEM))
+		key, _ := cert.ParsePrivateKeyPEM([]byte(v.KeyPEM))
+		o := CertificatePKI{
+			ConfigEnvName:  v.ConfigEnvName,
+			Name:           v.Name,
+			Config:         v.Config,
+			CommonName:     v.CommonName,
+			OUName:         v.OUName,
+			EnvName:        v.EnvName,
+			Path:           v.Path,
+			KeyEnvName:     v.KeyEnvName,
+			KeyPath:        v.KeyPath,
+			ConfigPath:     v.ConfigPath,
+			Certificate:    certs[0],
+			Key:            key.(*rsa.PrivateKey),
+			CertificatePEM: v.CertificatePEM,
+			KeyPEM:         v.KeyPEM,
+		}
+		out[k] = o
+	}
+	return out
+}