use the ClusterTrustBundles beta API

2025-11-02 11:18:16 +00:00 · 2024-07-31 14:58:56 +02:00
parent f598b4860c
commit e0f536bf1f
20 changed files with 165 additions and 136 deletions
--- a/pkg/volume/projected/projected_test.go
+++ b/pkg/volume/projected/projected_test.go
@@ -32,7 +32,7 @@ import (

 	"github.com/google/go-cmp/cmp"
 	authenticationv1 "k8s.io/api/authentication/v1"
-	certificatesv1alpha1 "k8s.io/api/certificates/v1alpha1"
+	certificatesv1beta1 "k8s.io/api/certificates/v1beta1"
 	v1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -912,11 +912,11 @@ func TestCollectDataWithClusterTrustBundle(t *testing.T) {
 				DefaultMode: utilptr.Int32(0644),
 			},
 			bundles: []runtime.Object{
-				&certificatesv1alpha1.ClusterTrustBundle{
+				&certificatesv1beta1.ClusterTrustBundle{
 					ObjectMeta: metav1.ObjectMeta{
 						Name: "foo",
 					},
-					Spec: certificatesv1alpha1.ClusterTrustBundleSpec{
+					Spec: certificatesv1beta1.ClusterTrustBundleSpec{
 						TrustBundle: string(goodCert1),
 					},
 				},
@@ -947,14 +947,14 @@ func TestCollectDataWithClusterTrustBundle(t *testing.T) {
 				DefaultMode: utilptr.Int32(0644),
 			},
 			bundles: []runtime.Object{
-				&certificatesv1alpha1.ClusterTrustBundle{
+				&certificatesv1beta1.ClusterTrustBundle{
 					ObjectMeta: metav1.ObjectMeta{
 						Name: "foo:example:bar",
 						Labels: map[string]string{
 							"key": "value",
 						},
 					},
-					Spec: certificatesv1alpha1.ClusterTrustBundleSpec{
+					Spec: certificatesv1beta1.ClusterTrustBundleSpec{
 						SignerName:  "foo.example/bar",
 						TrustBundle: string(goodCert1),
 					},
@@ -981,11 +981,11 @@ func TestCollectDataWithClusterTrustBundle(t *testing.T) {
 				DefaultMode: utilptr.Int32(0600),
 			},
 			bundles: []runtime.Object{
-				&certificatesv1alpha1.ClusterTrustBundle{
+				&certificatesv1beta1.ClusterTrustBundle{
 					ObjectMeta: metav1.ObjectMeta{
 						Name: "foo",
 					},
-					Spec: certificatesv1alpha1.ClusterTrustBundleSpec{
+					Spec: certificatesv1beta1.ClusterTrustBundleSpec{
 						TrustBundle: string(goodCert1),
 					},
 				},
--- a/pkg/volume/testing/volume_host.go
+++ b/pkg/volume/testing/volume_host.go
@@ -427,7 +427,7 @@ func (f *fakeKubeletVolumeHost) GetHostUtil() hostutil.HostUtils {
 }

 func (f *fakeKubeletVolumeHost) GetTrustAnchorsByName(name string, allowMissing bool) ([]byte, error) {
-	ctb, err := f.kubeClient.CertificatesV1alpha1().ClusterTrustBundles().Get(context.Background(), name, metav1.GetOptions{})
+	ctb, err := f.kubeClient.CertificatesV1beta1().ClusterTrustBundles().Get(context.Background(), name, metav1.GetOptions{})
 	if err != nil {
 		return nil, fmt.Errorf("while getting ClusterTrustBundle %s: %w", name, err)
 	}
@@ -437,7 +437,7 @@ func (f *fakeKubeletVolumeHost) GetTrustAnchorsByName(name string, allowMissing

 // Note: we do none of the deduplication and sorting that the real deal should do.
 func (f *fakeKubeletVolumeHost) GetTrustAnchorsBySigner(signerName string, labelSelector *metav1.LabelSelector, allowMissing bool) ([]byte, error) {
-	ctbList, err := f.kubeClient.CertificatesV1alpha1().ClusterTrustBundles().List(context.Background(), metav1.ListOptions{})
+	ctbList, err := f.kubeClient.CertificatesV1beta1().ClusterTrustBundles().List(context.Background(), metav1.ListOptions{})
 	if err != nil {
 		return nil, fmt.Errorf("while listing all ClusterTrustBundles: %w", err)
 	}