Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-09-19 12:34:44 -04:00
Code Issues Projects Releases Packages Wiki Activity

Simplify node lock and various small changes

Browse source 
Co-authored-by: Fabian Kammel <fabian@kammel.dev>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
This commit is contained in:
Malte Poll 2022-07-14 15:45:04 +02:00 committed by Paul Meyer
parent 2bcf001d52
commit cce2611e2a
31 changed files with 530 additions and 229 deletions
Download patch file Download diff file Expand all files Collapse all files

22
joinservice/internal/kubeadm/kubeadm.go
View file

@ -67,8 +67,8 @@ func (k *Kubeadm) GetJoinToken(ttl time.Duration) (*kubeadm.BootstrapTokenDiscov
Token: tokenStr,
Description: "Bootstrap token generated by Constellation's Join service",
TTL: &metav1.Duration{Duration: ttl},
Usages: []string{"signing", "authentication"},
Groups: []string{"system:bootstrappers:kubeadm:default-node-token"},
Usages: kubeconstants.DefaultTokenUsages,
Groups: kubeconstants.DefaultTokenGroups,
}
// create the token in Kubernetes
@ -113,33 +113,23 @@ func (k *Kubeadm) GetControlPlaneCertificatesAndKeys() (map[string][]byte, error
k.log.Infof("Loading control plane certificates and keys")
controlPlaneFiles := make(map[string][]byte)
keyFilenames := []string{
filenames := []string{
kubeconstants.CAKeyName,
kubeconstants.ServiceAccountPrivateKeyName,
kubeconstants.FrontProxyCAKeyName,
kubeconstants.EtcdCAKeyName,
}
certFilenames := []string{
kubeconstants.CACertName,
kubeconstants.ServiceAccountPublicKeyName,
kubeconstants.FrontProxyCACertName,
kubeconstants.EtcdCACertName,
}
for _, keyFilename := range keyFilenames {
key, err := k.file.Read(filepath.Join(kubeconstants.KubernetesDir, kubeconstants.DefaultCertificateDir, keyFilename))
for _, filename := range filenames {
key, err := k.file.Read(filepath.Join(kubeconstants.KubernetesDir, kubeconstants.DefaultCertificateDir, filename))
if err != nil {
return nil, err
}
controlPlaneFiles[keyFilename] = key
}
for _, certFilename := range certFilenames {
cert, err := k.file.Read(filepath.Join(kubeconstants.KubernetesDir, kubeconstants.DefaultCertificateDir, certFilename))
if err != nil {
return nil, err
}
controlPlaneFiles[certFilename] = cert
controlPlaneFiles[filename] = key
}
return controlPlaneFiles, nil