8b4ed86071
This change fixes a race that can occur because we have multiple writers with no leader election lock. 1. TestAPIServingCertificateAutoCreationAndRotation/automatic expires the current serving certificate 2. CertsExpirerController 1 deletes expired serving certificate 3. CertsExpirerController 2 starts deletion of expired serving certificate but has not done so yet 4. CertsManagerController 1 creates new serving certificate 5. TestAPIServingCertificateAutoCreationAndRotation/automatic records the new serving certificate 6. CertsExpirerController 2 finishes deletion, and thus deletes the newly created serving certificate instead of the old one 7. CertsManagerController 2 creates new serving certificate 8. TestAPIServingCertificateAutoCreationAndRotation/automatic keeps running and eventually times out because it is expecting the serving certificate created by CertsManagerController 2 to match the value it recorded from CertsManagerController 1 (which will never happen since that certificate was incorrectly deleted). Signed-off-by: Monis Khan <mok@vmware.com> |
||
|---|---|---|
| .. | ||
| apiservice_updater.go | ||
| apiservice_updater_test.go | ||
| certs_expirer.go | ||
| certs_expirer_test.go | ||
| certs_manager.go | ||
| certs_manager_test.go | ||
| certs_observer.go | ||
| certs_observer_test.go | ||
| doc.go | ||
| update_api_service.go | ||
| update_api_service_test.go | ||