
Commit 3cdf84a

committed
update pkg/certificate NewProvider func
Signed-off-by: ArkaSaha30 <[email protected]>
1 parent 705df73 commit 3cdf84a


4 files changed

+41
-25
lines changed


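--- a/go.mod
+++ b/go.mod
@@ -85,9 +85,9 @@ require (
 github.com/x448/float16 v0.8.4 // indirect
 github.com/xiang90/probing v0.0.0-20221125231312-a49e3df8f510 // indirect
 go.etcd.io/bbolt v1.3.11 // indirect
-go.etcd.io/etcd/client/v2 v2.305.18 // indirect
-go.etcd.io/etcd/pkg/v3 v3.5.18 // indirect
-go.etcd.io/etcd/raft/v3 v3.5.18 // indirect
+go.etcd.io/etcd/client/v2 v2.305.19 // indirect
+go.etcd.io/etcd/pkg/v3 v3.5.19 // indirect
+go.etcd.io/etcd/raft/v3 v3.5.19 // indirect
 go.opentelemetry.io/auto/sdk v1.1.0 // indirect
 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.58.0 // indirect
 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.58.0 // indirect
@@ -99,14 +99,14 @@ require (
 go.opentelemetry.io/otel/trace v1.33.0 // indirect
 go.opentelemetry.io/proto/otlp v1.4.0 // indirect
 go.uber.org/multierr v1.11.0 // indirect
-golang.org/x/crypto v0.32.0 // indirect
+golang.org/x/crypto v0.35.0 // indirect
 golang.org/x/exp v0.0.0-20241217172543-b2144cdd0a67 // indirect
-golang.org/x/net v0.34.0 // indirect
+golang.org/x/net v0.36.0 // indirect
 golang.org/x/oauth2 v0.24.0 // indirect
-golang.org/x/sync v0.10.0 // indirect
-golang.org/x/sys v0.29.0 // indirect
-golang.org/x/term v0.28.0 // indirect
-golang.org/x/text v0.21.0 // indirect
+golang.org/x/sync v0.11.0 // indirect
+golang.org/x/sys v0.30.0 // indirect
+golang.org/x/term v0.29.0 // indirect
+golang.org/x/text v0.22.0 // indirect
 golang.org/x/time v0.8.0 // indirect
 golang.org/x/tools v0.28.0 // indirect
 gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect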

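--- a/go.sum
+++ b/go.sum
@@ -211,18 +211,25 @@ go.etcd.io/bbolt v1.3.11 h1:yGEzV1wPz2yVCLsD8ZAiGHhHVlczyC9d1rP43/VCRJ0=
 go.etcd.io/bbolt v1.3.11/go.mod h1:dksAq7YMXoljX0xu6VF5DMZGbhYYoLUalEiSySYAS4I=
 go.etcd.io/etcd/api/v3 v3.5.18 h1:Q4oDAKnmwqTo5lafvB+afbgCDF7E35E4EYV2g+FNGhs=
 go.etcd.io/etcd/api/v3 v3.5.18/go.mod h1:uY03Ob2H50077J7Qq0DeehjM/A9S8PhVfbQ1mSaMopU=
+go.etcd.io/etcd/api/v3 v3.5.19/go.mod h1:QqKGViq4KTgOG43dr/uH0vmGWIaoJY3ggFi6ZH0TH/U=
 go.etcd.io/etcd/client/pkg/v3 v3.5.18 h1:mZPOYw4h8rTk7TeJ5+3udUkfVGBqc+GCjOJYd68QgNM=
 go.etcd.io/etcd/client/pkg/v3 v3.5.18/go.mod h1:BxVf2o5wXG9ZJV+/Cu7QNUiJYk4A29sAhoI5tIRsCu4=
+go.etcd.io/etcd/client/pkg/v3 v3.5.19/go.mod h1:qaOi1k4ZA9lVLejXNvyPABrVEe7VymMF2433yyRQ7O0=
 go.etcd.io/etcd/client/v2 v2.305.18 h1:jT7ANzlD47yu7t6ZGBr1trUDEN6P0RG9Wnyio6XP2Qo=
 go.etcd.io/etcd/client/v2 v2.305.18/go.mod h1:JikXfwJymsNv633PzkAb5xnVZmROgNWr4E68YCEz4jo=
+go.etcd.io/etcd/client/v2 v2.305.19/go.mod h1:RwBCzhkrsAlW8kV/O0aiwIRDTDULMEatGMlEMo9Ixek=
 go.etcd.io/etcd/client/v3 v3.5.18 h1:nvvYmNHGumkDjZhTHgVU36A9pykGa2K4lAJ0yY7hcXA=
 go.etcd.io/etcd/client/v3 v3.5.18/go.mod h1:kmemwOsPU9broExyhYsBxX4spCTDX3yLgPMWtpBXG6E=
+go.etcd.io/etcd/client/v3 v3.5.19/go.mod h1:FNzyinmMIl0oVsty1zA3hFeUrxXI/JpEnz4sG+POzjU=
 go.etcd.io/etcd/pkg/v3 v3.5.18 h1:ny8rLA18/4AMdrILacOKwt7//TJjc7oS8JIJoLuNvbY=
 go.etcd.io/etcd/pkg/v3 v3.5.18/go.mod h1:gb4CDXuN/OgzUgj+VmUFumLYQ2FUMDC6r/plLIjHPI8=
+go.etcd.io/etcd/pkg/v3 v3.5.19/go.mod h1:0sMAKVLJTpP4Og4oN8O2as9ph1f3copxUPfvi+RZ3zE=
 go.etcd.io/etcd/raft/v3 v3.5.18 h1:gueCda+9U76Lvk6rINjNc/mXalUp0u8OK5CVESDZh4I=
 go.etcd.io/etcd/raft/v3 v3.5.18/go.mod h1:XBaZHTJt3nLnpS8hMDR55Sxrq76cEC4xWYMBYSY3jcs=
+go.etcd.io/etcd/raft/v3 v3.5.19/go.mod h1:WKCdvqs9USiM72tau3LZEyybDWKbyaQV0k135O3C4xw=
 go.etcd.io/etcd/server/v3 v3.5.18 h1:u67DmyYyGOu08OiO9O3wgCSQEjGBNzjhH+FM3BcabcI=
 go.etcd.io/etcd/server/v3 v3.5.18/go.mod h1:waeL2uw6TdXniXaus105tiK1aSbblIBi21uk8y7D6Ng=
+go.etcd.io/etcd/server/v3 v3.5.19/go.mod h1:sEMCH1EdYxuWsFu2PzH31jEsmeCQqTUZ7E1uSo9gpg0=
 go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA=
 go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A=
 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.58.0 h1:PS8wXpbyaDJQ2VDHHncMe9Vct0Zn1fEjpsjrLxGJoSc=
@@ -314,6 +321,7 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
 golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
+golang.org/x/text v0.22.0/go.mod h1:YRoo4H8PVmsu+E3Ou7cqLVH8oXWIHVoX0jqUWALQhfY=
 golang.org/x/time v0.8.0 h1:9i3RxcPv3PZnitoVGMPDKZSq1xW1gK1Xy3ArNOGZfEg=
 golang.org/x/time v0.8.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@@ -326,6 +334,7 @@ golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roY
 golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
 golang.org/x/tools v0.26.0 h1:v/60pFQmzmT9ExmjDv2gGIfi3OqfKoEP6I5+umXlbnQ=
 golang.org/x/tools v0.26.0/go.mod h1:TPVVj70c7JJ3WCazhD8OdXcZg/og+b9+tH/KxylGwH0=
+golang.org/x/tools v0.28.0/go.mod h1:dcIOrVd3mfQKTgrDVQHqCPMWy6lnhfhtX3hLXYVLfRw=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=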

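--- a/pkg/certificate/cert_manager/provider.go
+++ b/pkg/certificate/cert_manager/provider.go
@@ -19,19 +19,19 @@ import (
 corev1 "k8s.io/api/core/v1"
 k8serrors "k8s.io/apimachinery/pkg/api/errors"
 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-"k8s.io/apimachinery/pkg/runtime"
 "sigs.k8s.io/controller-runtime/pkg/client"
 
 interfaces "go.etcd.io/etcd-operator/pkg/certificate/interfaces"
 )
 
 type Provider struct {
 client.Client
-Scheme *runtime.Scheme
 }
 
-func New() *Provider {
-return &Provider{}
+func New(client client.Client) *Provider {
+return &Provider{
+client,
+}
 }
 
 func (cm *Provider) createCertificate(
@@ -57,7 +57,7 @@ func (cm *Provider) createCertificate(
 },
 }
 
-return cm.Create(ctx, certificateResource)
+return cm.Client.Create(ctx, certificateResource)
 }
 
 // parsePrivateKey parses the private key from the PEM-encoded data.
@@ -119,8 +119,8 @@ func (cm *Provider) EnsureCertificateSecret(
 
 checkCertSecret, valErr := cm.ValidateCertificateSecret(ctx, secretName, namespace, cfg)
 if valErr != nil {
-return fmt.Errorf("invalid certificate secret: %s present in namespace: %s, please delete and try again",
-secretName, namespace)
+return fmt.Errorf("invalid certificate secret: %s present in namespace: %s, please delete and try again.\nError: %s",
+secretName, namespace, valErr)
 }
 if checkCertSecret {
 return fmt.Errorf("valid certificate secret: %s already present in namespace: %s , skipping Certificate creation",
@@ -138,7 +138,7 @@ func (cm *Provider) ValidateCertificateSecret(
 namespace string,
 _ *interfaces.Config) (bool, error) {
 secret := &corev1.Secret{}
-err := cm.Get(ctx, client.ObjectKey{Name: secretName, Namespace: namespace}, secret)
+err := cm.Client.Get(ctx, client.ObjectKey{Name: secretName, Namespace: namespace}, secret)
 if err != nil {
 return false, nil
 }
@@ -148,12 +148,17 @@ func (cm *Provider) ValidateCertificateSecret(
 return false, errors.New("certificate not found in secret")
 }
 
+decodeCertificatePem, _ := pem.Decode(certificateData)
+if decodeCertificatePem == nil {
+return false, errors.New("failed to decode PEM block")
+}
+
 privateKeyData, keyExists := secret.Data["tls.key"]
 if !keyExists {
 return false, errors.New("private key not found in secret")
 }
 
-parseCert, err := x509.ParseCertificate(certificateData)
+parseCert, err := x509.ParseCertificate(decodeCertificatePem.Bytes)
 if err != nil {
 return false, fmt.Errorf("failed to parse certificate: %w", err)
 }
@@ -176,13 +181,13 @@ func (cm *Provider) ValidateCertificateSecret(
 
 func (cm *Provider) DeleteCertificateSecret(ctx context.Context, secretName string, namespace string) error {
 secret := &corev1.Secret{}
-err := cm.Get(ctx, client.ObjectKey{Name: secretName, Namespace: namespace}, secret)
+err := cm.Client.Get(ctx, client.ObjectKey{Name: secretName, Namespace: namespace}, secret)
 if err != nil {
 return fmt.Errorf("failed to get secret: %w", err)
 }
 
 // Delete the Secret
-err = cm.Delete(ctx, secret)
+err = cm.Client.Delete(ctx, secret)
 if err != nil {
 return fmt.Errorf("failed to delete secret: %w", err)
 }
@@ -192,12 +197,12 @@ func (cm *Provider) DeleteCertificateSecret(ctx context.Context, secretName stri
 
 func (cm *Provider) RevokeCertificate(ctx context.Context, secretName string, namespace string) error {
 cmCertificate := &certmanagerv1.Certificate{}
-getCertificateErr := cm.Get(ctx, client.ObjectKey{Name: secretName, Namespace: namespace}, cmCertificate)
+getCertificateErr := cm.Client.Get(ctx, client.ObjectKey{Name: secretName, Namespace: namespace}, cmCertificate)
 if getCertificateErr != nil {
 return getCertificateErr
 }
 
-deleteCertificateErr := cm.Delete(ctx, cmCertificate)
+deleteCertificateErr := cm.Client.Delete(ctx, cmCertificate)
 if deleteCertificateErr != nil {
 return deleteCertificateErr
 }
@@ -223,7 +228,7 @@ func (cm *Provider) GetCertificateConfig(
 secretName string,
 namespace string) (*interfaces.Config, error) {
 cmCertificate := &certmanagerv1.Certificate{}
-err := cm.Get(ctx, client.ObjectKey{Name: secretName, Namespace: namespace}, cmCertificate)
+err := cm.Client.Get(ctx, client.ObjectKey{Name: secretName, Namespace: namespace}, cmCertificate)
 if err != nil {
 return nil, fmt.Errorf("failed to get certificate: %w", err)
 }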
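Review bot: In ValidateCertificateSecret, the `if err != nil { return false, nil }` that follows the changed `cm.Client.Get` call reports every read failure (an RBAC denial, a timeout, an API-server error) as "secret absent, no error", so the validation fails open. Only a not-found result should map to `(false, nil)`; with the `k8serrors` import already in this file the check can be `if k8serrors.IsNotFound(err) { return false, nil }` followed by `return false, fmt.Errorf("failed to get secret: %w", err)`. What EnsureCertificateSecret does after a `(false, nil)` result lies outside the visible hunks, but it presumably proceeds toward creating a Certificate, which is the wrong outcome when the read itself failed. The function body starts and ends outside this hunk.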

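--- a/pkg/certificate/certificate.go
+++ b/pkg/certificate/certificate.go
@@ -3,6 +3,8 @@ package certificate
 import (
 "fmt"
 
+"sigs.k8s.io/controller-runtime/pkg/client"
+
 "go.etcd.io/etcd-operator/pkg/certificate/cert_manager"
 certInterface "go.etcd.io/etcd-operator/pkg/certificate/interfaces"
 )
@@ -15,12 +17,12 @@ const (
 // add more ...
 )
 
-func NewProvider(pt ProviderType) (certInterface.Provider, error) {
+func NewProvider(pt ProviderType, c client.Client) (certInterface.Provider, error) {
 switch pt {
 case Auto:
 return nil, nil // change me later
 case CertManager:
-return cert_manager.New(), nil // change me later
+return cert_manager.New(c), nil // change me later
 }
 
 return nil, fmt.Errorf("unknown provider type: %s", pt)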
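Review bot: NewProvider passes `c` to `cert_manager.New(c)` without checking it, and Provider embeds the client as an interface value, so a nil client is accepted here and only panics later at the first call through `cm.Client`. Reject it at construction in the CertManager case, e.g. `if c == nil { return nil, fmt.Errorf("nil client for provider type: %s", pt) }`. The exported function also has no doc comment; `// NewProvider returns the certificate provider for pt, backed by the Kubernetes client c.` would record the new parameter.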
