From 09db5bc951e08ff355edb4be9e3944af61b5ce74 Mon Sep 17 00:00:00 2001 From: Andrew Lytvynov Date: Mon, 12 Nov 2018 16:08:56 -0800 Subject: [PATCH] Remove k8s.io/client-go/util/cert/triple The package is unused. --- hack/.golint_failures | 1 - staging/src/k8s.io/client-go/util/cert/BUILD | 5 +- .../k8s.io/client-go/util/cert/triple/BUILD | 27 ---- .../client-go/util/cert/triple/triple.go | 116 ------------------ 4 files changed, 1 insertion(+), 148 deletions(-) delete mode 100644 staging/src/k8s.io/client-go/util/cert/triple/BUILD delete mode 100644 staging/src/k8s.io/client-go/util/cert/triple/triple.go diff --git a/hack/.golint_failures b/hack/.golint_failures index 61342e2cf4..26804d9dac 100644 --- a/hack/.golint_failures +++ b/hack/.golint_failures @@ -653,7 +653,6 @@ staging/src/k8s.io/client-go/tools/portforward staging/src/k8s.io/client-go/tools/record staging/src/k8s.io/client-go/tools/reference staging/src/k8s.io/client-go/transport -staging/src/k8s.io/client-go/util/cert/triple staging/src/k8s.io/client-go/util/exec staging/src/k8s.io/client-go/util/flowcontrol staging/src/k8s.io/client-go/util/integer diff --git a/staging/src/k8s.io/client-go/util/cert/BUILD b/staging/src/k8s.io/client-go/util/cert/BUILD index 4db41c73f2..2a42b716ef 100644 --- a/staging/src/k8s.io/client-go/util/cert/BUILD +++ b/staging/src/k8s.io/client-go/util/cert/BUILD @@ -37,9 +37,6 @@ filegroup( filegroup( name = "all-srcs", - srcs = [ - ":package-srcs", - "//staging/src/k8s.io/client-go/util/cert/triple:all-srcs", - ], + srcs = [":package-srcs"], tags = ["automanaged"], ) diff --git a/staging/src/k8s.io/client-go/util/cert/triple/BUILD b/staging/src/k8s.io/client-go/util/cert/triple/BUILD deleted file mode 100644 index 86eb16f780..0000000000 --- a/staging/src/k8s.io/client-go/util/cert/triple/BUILD +++ /dev/null @@ -1,27 +0,0 @@ -package(default_visibility = ["//visibility:public"]) - -load( - "@io_bazel_rules_go//go:def.bzl", - "go_library", -) - -go_library( - name = "go_default_library", - srcs = ["triple.go"], - importmap = "k8s.io/kubernetes/vendor/k8s.io/client-go/util/cert/triple", - importpath = "k8s.io/client-go/util/cert/triple", - deps = ["//staging/src/k8s.io/client-go/util/cert:go_default_library"], -) - -filegroup( - name = "package-srcs", - srcs = glob(["**"]), - tags = ["automanaged"], - visibility = ["//visibility:private"], -) - -filegroup( - name = "all-srcs", - srcs = [":package-srcs"], - tags = ["automanaged"], -) diff --git a/staging/src/k8s.io/client-go/util/cert/triple/triple.go b/staging/src/k8s.io/client-go/util/cert/triple/triple.go deleted file mode 100644 index b89ef7240f..0000000000 --- a/staging/src/k8s.io/client-go/util/cert/triple/triple.go +++ /dev/null @@ -1,116 +0,0 @@ -/* -Copyright 2016 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Package triple generates key-certificate pairs for the -// triple (CA, Server, Client). -package triple - -import ( - "crypto/rsa" - "crypto/x509" - "fmt" - "net" - - certutil "k8s.io/client-go/util/cert" -) - -type KeyPair struct { - Key *rsa.PrivateKey - Cert *x509.Certificate -} - -func NewCA(name string) (*KeyPair, error) { - key, err := certutil.NewPrivateKey() - if err != nil { - return nil, fmt.Errorf("unable to create a private key for a new CA: %v", err) - } - - config := certutil.Config{ - CommonName: name, - } - - cert, err := certutil.NewSelfSignedCACert(config, key) - if err != nil { - return nil, fmt.Errorf("unable to create a self-signed certificate for a new CA: %v", err) - } - - return &KeyPair{ - Key: key, - Cert: cert, - }, nil -} - -func NewServerKeyPair(ca *KeyPair, commonName, svcName, svcNamespace, dnsDomain string, ips, hostnames []string) (*KeyPair, error) { - key, err := certutil.NewPrivateKey() - if err != nil { - return nil, fmt.Errorf("unable to create a server private key: %v", err) - } - - namespacedName := fmt.Sprintf("%s.%s", svcName, svcNamespace) - internalAPIServerFQDN := []string{ - svcName, - namespacedName, - fmt.Sprintf("%s.svc", namespacedName), - fmt.Sprintf("%s.svc.%s", namespacedName, dnsDomain), - } - - altNames := certutil.AltNames{} - for _, ipStr := range ips { - ip := net.ParseIP(ipStr) - if ip != nil { - altNames.IPs = append(altNames.IPs, ip) - } - } - altNames.DNSNames = append(altNames.DNSNames, hostnames...) - altNames.DNSNames = append(altNames.DNSNames, internalAPIServerFQDN...) - - config := certutil.Config{ - CommonName: commonName, - AltNames: altNames, - Usages: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, - } - cert, err := certutil.NewSignedCert(config, key, ca.Cert, ca.Key) - if err != nil { - return nil, fmt.Errorf("unable to sign the server certificate: %v", err) - } - - return &KeyPair{ - Key: key, - Cert: cert, - }, nil -} - -func NewClientKeyPair(ca *KeyPair, commonName string, organizations []string) (*KeyPair, error) { - key, err := certutil.NewPrivateKey() - if err != nil { - return nil, fmt.Errorf("unable to create a client private key: %v", err) - } - - config := certutil.Config{ - CommonName: commonName, - Organization: organizations, - Usages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}, - } - cert, err := certutil.NewSignedCert(config, key, ca.Cert, ca.Key) - if err != nil { - return nil, fmt.Errorf("unable to sign the client certificate: %v", err) - } - - return &KeyPair{ - Key: key, - Cert: cert, - }, nil -}