Skip to content

k8s-ingress
k8s-ingress
Commit dd63d8de authored by Geoff Simmons's avatar Geoff Simmons Committed by Tim Leers
Browse files
Options

Fix managing the Secret in which PEM files are created. 

The Secret must be in the same namespace of the Pods into which
their contents are mounted.
parent 960a1d3a
Hide whitespace changes
Inline Side-by-side
Showing with 5 additions and 8 deletions
pkg/controller/secret.go
View file @ dd63d8de
......@@ -44,7 +44,6 @@ import (
const (
admSecretKey = "admin"
dplaneSecretKey = "dataplaneapi"
certSecretNs = "kube-system"
certSecretName = "tls-cert"
tlsSecretType = "kubernetes.io/tls"
)
......@@ -77,7 +76,6 @@ func (worker *NamespaceWorker) updateCertSecret(spec *haproxy.Spec) error {
tlsSecret.ObjectMeta.Name)
}
nsLister = worker.listers.secr.Secrets(certSecretNs)
certSecret, err := nsLister.Get(certSecretName)
if err != nil {
return err
......@@ -97,8 +95,8 @@ func (worker *NamespaceWorker) updateCertSecret(spec *haproxy.Spec) error {
"Ingress TLS Secret %s/%s", certSecret.ObjectMeta.Namespace,
certSecret.ObjectMeta.Name, certName,
tlsSecret.ObjectMeta.Namespace, tlsSecret.ObjectMeta.Name)
_, err = worker.client.CoreV1().Secrets("kube-system").
Update(certSecret)
_, err = worker.client.CoreV1().
Secrets(certSecret.ObjectMeta.Namespace).Update(certSecret)
if err != nil {
return err
}
......@@ -108,8 +106,7 @@ func (worker *NamespaceWorker) updateCertSecret(spec *haproxy.Spec) error {
}
func (worker *NamespaceWorker) deleteTLSSecret(secret *api_v1.Secret) error {
nsLister := worker.listers.secr.Secrets(certSecretNs)
certSecret, err := nsLister.Get(certSecretName)
certSecret, err := worker.secr.Get(certSecretName)
if err != nil {
return err
}
......@@ -125,8 +122,8 @@ func (worker *NamespaceWorker) deleteTLSSecret(secret *api_v1.Secret) error {
"contents from Ingress TLS Secret %s/%s",
certSecret.ObjectMeta.Namespace, certSecret.ObjectMeta.Name,
certName, secret.ObjectMeta.Namespace, secret.ObjectMeta.Name)
_, err = worker.client.CoreV1().Secrets("kube-system").
Update(certSecret)
_, err = worker.client.CoreV1().
Secrets(certSecret.ObjectMeta.Namespace).Update(certSecret)
return err
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment