mirror of https://github.com/k3s-io/k3s
Actually fix agent certificate rotation
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>pull/9909/head
Brad Davidson
Brad Davidson
parent
08f1022663
commit
4cc73b1fee
|
|
@ -5,7 +5,6 @@ import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"os"
|
"os"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
"strconv"
|
|
||||||
"strings"
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
|
@ -191,15 +190,21 @@ func rotate(app *cli.Context, cfg *cmds.Server) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
func backupCertificates(serverDataDir, agentDataDir string, fileMap map[string][]string) (string, error) {
|
func backupCertificates(serverDataDir, agentDataDir string, fileMap map[string][]string) (string, error) {
|
||||||
|
backupDirName := fmt.Sprintf("tls-%d", time.Now().Unix())
|
||||||
serverTLSDir := filepath.Join(serverDataDir, "tls")
|
serverTLSDir := filepath.Join(serverDataDir, "tls")
|
||||||
tlsBackupDir := filepath.Join(serverDataDir, "tls-"+strconv.Itoa(int(time.Now().Unix())))
|
tlsBackupDir := filepath.Join(agentDataDir, backupDirName)
|
||||||
|
|
||||||
|
// backup the server TLS dir if it exists
|
||||||
if _, err := os.Stat(serverTLSDir); err != nil {
|
if _, err := os.Stat(serverTLSDir); err != nil {
|
||||||
|
if !os.IsNotExist(err) {
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
tlsBackupDir = filepath.Join(serverDataDir, backupDirName)
|
||||||
if err := copy.Copy(serverTLSDir, tlsBackupDir); err != nil {
|
if err := copy.Copy(serverTLSDir, tlsBackupDir); err != nil {
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
for _, files := range fileMap {
|
for _, files := range fileMap {
|
||||||
for _, file := range files {
|
for _, file := range files {
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue