mirror of https://github.com/k3s-io/k3s
Add supervisor cert/key to rotate list
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 60248c42de
)
pull/9938/head
parent
870030cc9a
commit
29667f317b
|
@ -23,7 +23,7 @@ var (
|
|||
DataDirFlag,
|
||||
&cli.StringSliceFlag{
|
||||
Name: "service,s",
|
||||
Usage: "List of services to manage certificates for. Options include (admin, api-server, controller-manager, scheduler, " + version.Program + "-controller, " + version.Program + "-server, cloud-controller, etcd, auth-proxy, kubelet, kube-proxy)",
|
||||
Usage: "List of services to manage certificates for. Options include (admin, api-server, controller-manager, scheduler, supervisor, " + version.Program + "-controller, " + version.Program + "-server, cloud-controller, etcd, auth-proxy, kubelet, kube-proxy)",
|
||||
Value: &ServicesList,
|
||||
},
|
||||
}
|
||||
|
|
|
@ -12,6 +12,7 @@ const (
|
|||
APIServer = "api-server"
|
||||
Admin = "admin"
|
||||
AuthProxy = "auth-proxy"
|
||||
CertificateAuthority = "certificate-authority"
|
||||
CloudController = "cloud-controller"
|
||||
ControllerManager = "controller-manager"
|
||||
ETCD = "etcd"
|
||||
|
@ -20,7 +21,7 @@ const (
|
|||
ProgramController = "-controller"
|
||||
ProgramServer = "-server"
|
||||
Scheduler = "scheduler"
|
||||
CertificateAuthority = "certificate-authority"
|
||||
Supervisor = "supervisor"
|
||||
)
|
||||
|
||||
var Agent = []string{
|
||||
|
@ -30,13 +31,14 @@ var Agent = []string{
|
|||
}
|
||||
|
||||
var Server = []string{
|
||||
Admin,
|
||||
APIServer,
|
||||
Admin,
|
||||
AuthProxy,
|
||||
CloudController,
|
||||
ControllerManager,
|
||||
ETCD,
|
||||
Scheduler,
|
||||
Supervisor,
|
||||
version.Program + ProgramServer,
|
||||
}
|
||||
|
||||
|
@ -96,6 +98,11 @@ func FilesForServices(controlConfig config.Control, services []string) (map[stri
|
|||
filepath.Join(agentDataDir, "client-"+version.Program+"-controller.crt"),
|
||||
filepath.Join(agentDataDir, "client-"+version.Program+"-controller.key"),
|
||||
}
|
||||
case Supervisor:
|
||||
fileMap[service] = []string{
|
||||
controlConfig.Runtime.ClientSupervisorCert,
|
||||
controlConfig.Runtime.ClientSupervisorKey,
|
||||
}
|
||||
case AuthProxy:
|
||||
fileMap[service] = []string{
|
||||
controlConfig.Runtime.ClientAuthProxyCert,
|
||||
|
|
|
@ -88,6 +88,10 @@ func Test_UnitFilesForServices(t *testing.T) {
|
|||
"/var/lib/rancher/k3s/server/tls/client-scheduler.crt",
|
||||
"/var/lib/rancher/k3s/server/tls/client-scheduler.key",
|
||||
},
|
||||
"supervisor": []string{
|
||||
"/var/lib/rancher/k3s/server/tls/client-supervisor.crt",
|
||||
"/var/lib/rancher/k3s/server/tls/client-supervisor.key",
|
||||
},
|
||||
},
|
||||
},
|
||||
{
|
||||
|
@ -138,6 +142,10 @@ func Test_UnitFilesForServices(t *testing.T) {
|
|||
"/var/lib/rancher/k3s/server/tls/client-scheduler.crt",
|
||||
"/var/lib/rancher/k3s/server/tls/client-scheduler.key",
|
||||
},
|
||||
"supervisor": []string{
|
||||
"/var/lib/rancher/k3s/server/tls/client-supervisor.crt",
|
||||
"/var/lib/rancher/k3s/server/tls/client-supervisor.key",
|
||||
},
|
||||
},
|
||||
},
|
||||
{
|
||||
|
|
|
@ -345,7 +345,6 @@ var _ = Describe("Verify Create", Ordered, func() {
|
|||
// Everything else should be changed.
|
||||
var expectResult = []string{
|
||||
"client-ca.crt", "client-ca.key", "client-ca.nochain.crt",
|
||||
"client-supervisor.crt", "client-supervisor.key",
|
||||
"peer-ca.crt", "peer-ca.key",
|
||||
"server-ca.crt", "server-ca.key",
|
||||
"request-header-ca.crt", "request-header-ca.key",
|
||||
|
|
Loading…
Reference in New Issue