djpbessems/ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

certs_manager.go: Rename some local variables

Browse Source 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
This commit is contained in:
Ryan Richard 2021-02-18 11:16:34 -08:00 committed by Margo Crawford
parent 7a140bf63c
commit 126f9c0da3
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
internal/controller/apicerts/certs_manager.go
View File

@ -1,4 +1,4 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved. // Copyright 2020-2021 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0 // SPDX-License-Identifier: Apache-2.0
package apicerts package apicerts
@ -93,14 +93,14 @@ func (c *certsManagerController) Sync(ctx controllerlib.Context) error {
} }
// Create a CA. // Create a CA.
aggregatedAPIServerCA, err := certauthority.New(pkix.Name{CommonName: c.generatedCACommonName}, c.certDuration) ca, err := certauthority.New(pkix.Name{CommonName: c.generatedCACommonName}, c.certDuration)
if err != nil { if err != nil {
return fmt.Errorf("could not initialize CA: %w", err) return fmt.Errorf("could not initialize CA: %w", err)
} }
// Using the CA from above, create a TLS server cert for the aggregated API server to use. // Using the CA from above, create a TLS server cert.
serviceEndpoint := c.serviceNameForGeneratedCertCommonName + "." + c.namespace + ".svc" serviceEndpoint := c.serviceNameForGeneratedCertCommonName + "." + c.namespace + ".svc"
aggregatedAPIServerTLSCert, err := aggregatedAPIServerCA.Issue( tlsCert, err := ca.Issue(
pkix.Name{CommonName: serviceEndpoint}, pkix.Name{CommonName: serviceEndpoint},
[]string{serviceEndpoint}, []string{serviceEndpoint},
nil, nil,
@ -111,7 +111,7 @@ func (c *certsManagerController) Sync(ctx controllerlib.Context) error {
} }
// Write the CA's public key bundle and the serving certs to a secret. // Write the CA's public key bundle and the serving certs to a secret.
tlsCertChainPEM, tlsPrivateKeyPEM, err := certauthority.ToPEM(aggregatedAPIServerTLSCert) tlsCertChainPEM, tlsPrivateKeyPEM, err := certauthority.ToPEM(tlsCert)
if err != nil { if err != nil {
return fmt.Errorf("could not PEM encode serving certificate: %w", err) return fmt.Errorf("could not PEM encode serving certificate: %w", err)
} }
@ -123,7 +123,7 @@ func (c *certsManagerController) Sync(ctx controllerlib.Context) error {
Labels: c.certsSecretLabels, Labels: c.certsSecretLabels,
}, },
StringData: map[string]string{ StringData: map[string]string{
caCertificateSecretKey: string(aggregatedAPIServerCA.Bundle()), caCertificateSecretKey: string(ca.Bundle()),
tlsPrivateKeySecretKey: string(tlsPrivateKeyPEM), tlsPrivateKeySecretKey: string(tlsPrivateKeyPEM),
tlsCertificateChainSecretKey: string(tlsCertChainPEM), tlsCertificateChainSecretKey: string(tlsCertChainPEM),
}, },