mirror of https://github.com/k3s-io/k3s
Create encryption hash file if it doesn't exist (#5140)
Signed-off-by: Derek Nola <derek.nola@suse.com>pull/5132/head
parent
299ca60009
commit
142eed1a9f
|
@ -8,6 +8,7 @@ import (
|
|||
b64 "encoding/base64"
|
||||
"encoding/hex"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"net"
|
||||
|
@ -657,6 +658,16 @@ func genEncryptionConfigAndState(controlConfig *config.Control, runtime *config.
|
|||
return nil
|
||||
}
|
||||
if s, err := os.Stat(runtime.EncryptionConfig); err == nil && s.Size() > 0 {
|
||||
// On upgrade from older versions, the encryption hash may not exist, create it
|
||||
if _, err := os.Stat(runtime.EncryptionHash); errors.Is(err, os.ErrNotExist) {
|
||||
curEncryptionByte, err := ioutil.ReadFile(runtime.EncryptionConfig)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
encryptionConfigHash := sha256.Sum256(curEncryptionByte)
|
||||
ann := "start-" + hex.EncodeToString(encryptionConfigHash[:])
|
||||
return ioutil.WriteFile(controlConfig.Runtime.EncryptionHash, []byte(ann), 0600)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue