Merge pull request #54979 from smarterclayton/symlink

Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. When cert dir is relative, cert rotation builds incorrect symlinks Symlinks relative to a working directory were being constructed to the wrong location, leading to failure to refresh client certs. @liggitt
2017-11-07 22:35:54 -08:00 · 2017-11-07 22:35:54 -08:00 · 08781adf13
parent 84f2bf3a68 3ec453d0d0
commit 08781adf13
1 changed files with 7 additions and 0 deletions
--- a/staging/src/k8s.io/client-go/util/certificate/certificate_store.go
+++ b/staging/src/k8s.io/client-go/util/certificate/certificate_store.go
@ -266,6 +266,13 @@ func (s *fileStore) updateSymlink(filename string) error {
 		return fmt.Errorf("file %q does not exist so it can not be used as the currently selected cert/key", filename)
 	}

+	// Ensure the source path is absolute to ensure the symlink target is
+	// correct when certDirectory is a relative path.
+	filename, err := filepath.Abs(filename)
+	if err != nil {
+		return err
+	}
+
 	// Create the 'updated' symlink pointing to the requested file name.
 	if err := os.Symlink(filename, updatedPath); err != nil {
 		return fmt.Errorf("unable to create a symlink from %q to %q: %v", updatedPath, filename, err)