From cf31d9413e92f80fe96648ef0860bd0fa13629fa Mon Sep 17 00:00:00 2001 From: Jacob Simpson Date: Mon, 23 Jan 2017 16:20:21 -0800 Subject: [PATCH] Release API watch resources when done. --- pkg/kubelet/util/csr/csr.go | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/pkg/kubelet/util/csr/csr.go b/pkg/kubelet/util/csr/csr.go index a1848788a1..cc09aef5e7 100644 --- a/pkg/kubelet/util/csr/csr.go +++ b/pkg/kubelet/util/csr/csr.go @@ -64,12 +64,11 @@ func RequestNodeCertificate(client certificatesclient.CertificateSigningRequestI }) if err != nil { return nil, fmt.Errorf("cannot create certificate signing request: %v", err) - } // Make a default timeout = 3600s. var defaultTimeoutSeconds int64 = 3600 - resultCh, err := client.Watch(metav1.ListOptions{ + certWatch, err := client.Watch(metav1.ListOptions{ Watch: true, TimeoutSeconds: &defaultTimeoutSeconds, FieldSelector: fields.OneTermEqualSelector("metadata.name", req.Name).String(), @@ -77,9 +76,8 @@ func RequestNodeCertificate(client certificatesclient.CertificateSigningRequestI if err != nil { return nil, fmt.Errorf("cannot watch on the certificate signing request: %v", err) } - - var status certificates.CertificateSigningRequestStatus - ch := resultCh.ResultChan() + defer certWatch.Stop() + ch := certWatch.ResultChan() for { event, ok := <-ch @@ -91,7 +89,7 @@ func RequestNodeCertificate(client certificatesclient.CertificateSigningRequestI if event.Object.(*certificates.CertificateSigningRequest).UID != req.UID { continue } - status = event.Object.(*certificates.CertificateSigningRequest).Status + status := event.Object.(*certificates.CertificateSigningRequest).Status for _, c := range status.Conditions { if c.Type == certificates.CertificateDenied { return nil, fmt.Errorf("certificate signing request is not approved, reason: %v, message: %v", c.Reason, c.Message)