mirror of https://github.com/k3s-io/k3s
feedback 1
fabriziopandini
Lubomir I. Ivanov
parent
911f6ea43e
commit
3b26c28dc0
|
|
@ -53,7 +53,7 @@ func For(cfg *kubeadmapi.JoinConfiguration) (*clientcmdapi.Config, error) {
|
|||
clusterinfo := kubeconfigutil.GetClusterFromKubeConfig(config)
|
||||
return kubeconfigutil.CreateWithToken(
|
||||
clusterinfo.Server,
|
||||
kubeadmapiv1beta2.DefaultClusterName,
|
||||
kubeadmapiv1beta1.DefaultClusterName,
|
||||
TokenUser,
|
||||
clusterinfo.CertificateAuthorityData,
|
||||
cfg.Discovery.TLSBootstrapToken,
|
||||
|
|
@ -66,7 +66,7 @@ func For(cfg *kubeadmapi.JoinConfiguration) (*clientcmdapi.Config, error) {
|
|||
}
|
||||
|
||||
// if there are no authentication credentials (nor in the config returned from discovery, nor in the TLSBootstrapToken), fail
|
||||
return nil, errors.New("couldn't find authentication credentials for the TLS boostrap process. Please use Token discovery, a discovery file with embedded authentication credentials or a discovery file without authentication credentials and the TLSBootstrapToken flag")
|
||||
return nil, errors.New("couldn't find authentication credentials for the TLS boostrap process. Please use Token discovery, a discovery file with embedded authentication credentials or a discovery file without authentication credentials but with the TLSBootstrapToken flag")
|
||||
}
|
||||
|
||||
// DiscoverValidatedKubeConfig returns a validated Config object that specifies where the cluster is and the CA cert to trust
|
||||
|
|
|
|||
|
|
@ -53,14 +53,14 @@ func ValidateConfigInfo(config *clientcmdapi.Config, clustername string) (*clien
|
|||
|
||||
var kubeconfig *clientcmdapi.Config
|
||||
|
||||
// If the discovery file config contains a authentication credentials
|
||||
// If the discovery file config contains authentication credentials
|
||||
if kubeconfigutil.HasAuthenticationCredentials(config) {
|
||||
klog.V(1).Info("[discovery] Using authentication credentials from the discovery file for validating TLS connection")
|
||||
|
||||
// Use the discovery file config for starting the join process
|
||||
kubeconfig = config
|
||||
|
||||
// We should ensure that all the authentication info are embedded in config file, so everything will work also when
|
||||
// We should ensure that all the authentication info is embedded in config file, so everything will work also when
|
||||
// the kubeconfig file will be stored in /etc/kubernetes/boostrap-kubelet.conf
|
||||
if err := kubeconfigutil.EnsureAuthenticationInfoAreEmbedded(kubeconfig); err != nil {
|
||||
return nil, errors.Wrap(err, "error while reading client cert file or client key file")
|
||||
|
|
@ -87,7 +87,7 @@ func ValidateConfigInfo(config *clientcmdapi.Config, clustername string) (*clien
|
|||
return nil, err
|
||||
}
|
||||
|
||||
var currentCluster = kubeconfigutil.GetClusterFromKubeConfig(kubeconfig)
|
||||
currentCluster := kubeconfigutil.GetClusterFromKubeConfig(kubeconfig)
|
||||
klog.V(1).Infof("[discovery] Created cluster-info discovery client, requesting info from %q\n", currentCluster.Server)
|
||||
|
||||
var clusterinfoCM *v1.ConfigMap
|
||||
|
|
@ -101,7 +101,7 @@ func ValidateConfigInfo(config *clientcmdapi.Config, clustername string) (*clien
|
|||
klog.Warningf("[discovery] Could not access the %s ConfigMap for refreshing the cluster-info information, but the TLS cert is valid so proceeding...\n", bootstrapapi.ConfigMapClusterInfo)
|
||||
return true, nil
|
||||
}
|
||||
klog.V(1).Infof("[discovery] Error reading the %s ConfigMap, will try again: [%v]\n", bootstrapapi.ConfigMapClusterInfo, err)
|
||||
klog.V(1).Infof("[discovery] Error reading the %s ConfigMap, will try again: %v\n", bootstrapapi.ConfigMapClusterInfo, err)
|
||||
return false, nil
|
||||
}
|
||||
return true, nil
|
||||
|
|
@ -119,11 +119,11 @@ func ValidateConfigInfo(config *clientcmdapi.Config, clustername string) (*clien
|
|||
return kubeconfig, nil
|
||||
}
|
||||
|
||||
var refreshedCluster = kubeconfigutil.GetClusterFromKubeConfig(refreshedBaseKubeConfig)
|
||||
refreshedCluster := kubeconfigutil.GetClusterFromKubeConfig(refreshedBaseKubeConfig)
|
||||
currentCluster.Server = refreshedCluster.Server
|
||||
currentCluster.CertificateAuthorityData = refreshedCluster.CertificateAuthorityData
|
||||
|
||||
klog.V(1).Infof("[discovery] Synced server and CA from the %s ConfigMap so we have got the latest information", bootstrapapi.ConfigMapClusterInfo)
|
||||
klog.V(1).Infof("[discovery] Synced Server and CertificateAuthorityData from the %s ConfigMap", bootstrapapi.ConfigMapClusterInfo)
|
||||
return kubeconfig, nil
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -171,11 +171,8 @@ func EnsureAuthenticationInfoAreEmbedded(config *clientcmdapi.Config) error {
|
|||
|
||||
// getCurrentAuthInfo returns current authInfo, if defined
|
||||
func getCurrentAuthInfo(config *clientcmdapi.Config) *clientcmdapi.AuthInfo {
|
||||
if config == nil || config.CurrentContext == "" {
|
||||
return nil
|
||||
}
|
||||
|
||||
if len(config.Contexts) == 0 || config.Contexts[config.CurrentContext] == nil {
|
||||
if config == nil || config.CurrentContext == "" ||
|
||||
len(config.Contexts) == 0 || config.Contexts[config.CurrentContext] == nil {
|
||||
return nil
|
||||
}
|
||||
user := config.Contexts[config.CurrentContext].AuthInfo
|
||||
|
|
|
|||
|
|
@ -206,12 +206,12 @@ func TestGetCurrentAuthInfo(t *testing.T) {
|
|||
expected: false,
|
||||
},
|
||||
{
|
||||
name: "no CurrentContext object 1",
|
||||
name: "no CurrentContext object",
|
||||
config: &clientcmdapi.Config{CurrentContext: "kubernetes"},
|
||||
expected: false,
|
||||
},
|
||||
{
|
||||
name: "no CurrentContext object ",
|
||||
name: "CurrentContext object with bad contents",
|
||||
config: &clientcmdapi.Config{
|
||||
CurrentContext: "kubernetes",
|
||||
Contexts: map[string]*clientcmdapi.Context{"NOTkubernetes": {}},
|
||||
|
|
@ -227,7 +227,7 @@ func TestGetCurrentAuthInfo(t *testing.T) {
|
|||
expected: false,
|
||||
},
|
||||
{
|
||||
name: "no AuthInfo object 1",
|
||||
name: "no AuthInfo object",
|
||||
config: &clientcmdapi.Config{
|
||||
CurrentContext: "kubernetes",
|
||||
Contexts: map[string]*clientcmdapi.Context{"kubernetes": {AuthInfo: "kubernetes"}},
|
||||
|
|
@ -235,7 +235,7 @@ func TestGetCurrentAuthInfo(t *testing.T) {
|
|||
expected: false,
|
||||
},
|
||||
{
|
||||
name: "no AuthInfo object 2",
|
||||
name: "AuthInfo object with bad contents",
|
||||
config: &clientcmdapi.Config{
|
||||
CurrentContext: "kubernetes",
|
||||
Contexts: map[string]*clientcmdapi.Context{"kubernetes": {AuthInfo: "kubernetes"}},
|
||||
|
|
@ -244,7 +244,7 @@ func TestGetCurrentAuthInfo(t *testing.T) {
|
|||
expected: false,
|
||||
},
|
||||
{
|
||||
name: "authInfo",
|
||||
name: "valid AuthInfo",
|
||||
config: &clientcmdapi.Config{
|
||||
CurrentContext: "kubernetes",
|
||||
Contexts: map[string]*clientcmdapi.Context{"kubernetes": {AuthInfo: "kubernetes"}},
|
||||
|
|
|
|||
Loading…
Reference in New Issue