mirror of
https://github.com/kubevirt/containerized-data-importer.git
synced 2025-06-03 06:30:22 +00:00
85 lines
2.1 KiB
Go
85 lines
2.1 KiB
Go
package utils
|
|
|
|
import (
|
|
"io/ioutil"
|
|
"os"
|
|
"path"
|
|
|
|
"github.com/pkg/errors"
|
|
|
|
v1 "k8s.io/api/core/v1"
|
|
k8serrors "k8s.io/apimachinery/pkg/api/errors"
|
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
|
"k8s.io/client-go/kubernetes"
|
|
"k8s.io/client-go/rest"
|
|
certutil "k8s.io/client-go/util/cert"
|
|
"k8s.io/klog"
|
|
)
|
|
|
|
// CreateCertForTestService creates a TLS key/cert for a service, writes them to files
|
|
// and creates a config map containing the cert
|
|
func CreateCertForTestService(namespace, serviceName, configMapName, certDir, certFileName, keyFileName string) error {
|
|
klog.Info("Creating key/certificate")
|
|
|
|
config, err := rest.InClusterConfig()
|
|
if err != nil {
|
|
return errors.Wrap(err, "Error creating rest config")
|
|
}
|
|
|
|
clientset, err := kubernetes.NewForConfig(config)
|
|
if err != nil {
|
|
return errors.Wrap(err, "Error creating kubernetes client")
|
|
}
|
|
|
|
if err := os.MkdirAll(certDir, 0777); err != nil {
|
|
return errors.Wrapf(err, "Error making %s", certDir)
|
|
}
|
|
|
|
namespacedName := serviceName + "." + namespace
|
|
|
|
certBytes, keyBytes, err := certutil.GenerateSelfSignedCertKey(serviceName, nil, []string{namespacedName, namespacedName + ".svc"})
|
|
if err != nil {
|
|
return errors.Wrap(err, "Error generating key/cert")
|
|
}
|
|
|
|
cm := &v1.ConfigMap{
|
|
ObjectMeta: metav1.ObjectMeta{
|
|
Name: configMapName,
|
|
},
|
|
Data: map[string]string{
|
|
certFileName: string(certBytes),
|
|
},
|
|
}
|
|
|
|
stored, err := clientset.CoreV1().ConfigMaps(namespace).Get(configMapName, metav1.GetOptions{})
|
|
if err != nil {
|
|
if !k8serrors.IsNotFound(err) {
|
|
return errors.Wrapf(err, "Error getting configmap %s", configMapName)
|
|
}
|
|
|
|
_, err := clientset.CoreV1().ConfigMaps(namespace).Create(cm)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
} else {
|
|
cpy := stored.DeepCopy()
|
|
cpy.Data = cm.Data
|
|
_, err := clientset.CoreV1().ConfigMaps(namespace).Update(cpy)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
}
|
|
|
|
if err = ioutil.WriteFile(path.Join(certDir, certFileName), certBytes, 0644); err != nil {
|
|
return err
|
|
}
|
|
|
|
if err = ioutil.WriteFile(path.Join(certDir, keyFileName), keyBytes, 0600); err != nil {
|
|
return err
|
|
}
|
|
|
|
klog.Info("Successfully created key/certificate")
|
|
return nil
|
|
}
|