scottk/talos
1
0
Fork 0
mirror of https://github.com/lingble/talos.git synced 2025-12-02 05:43:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: Add additional kubernetes certs (#619)

Browse Source 
Add support for supplying all of the necessary CA cert and key pairs for
kubeadm use.

Signed-off-by: Brad Beam <brad.beam@talos-systems.com>
This commit is contained in:
Brad Beam
2019-05-07 11:30:10 -05:00
committed by GitHub
parent 7676a31b20
commit 2c0ec43a0b
7 changed files with 186 additions and 115 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
pkg/userdata/kubernetes_security_test.go
View File

@@ -36,8 +36,22 @@ func (suite *validateSuite) TestValidateKubernetesSecurity() {
suite.Require().Error(err)
// Successful test
kube.CA.Crt = []byte("-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----")
kube.CA.Key = []byte("-----BEGIN EC PRIVATE KEY-----\n-----END EC PRIVATE KEY-----")
kube.CA = &x509.PEMEncodedCertificateAndKey{
Crt: []byte("-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----"),
Key: []byte("-----BEGIN EC PRIVATE KEY-----\n-----END EC PRIVATE KEY-----"),
}
kube.SA = &x509.PEMEncodedCertificateAndKey{
Crt: []byte("-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----"),
Key: []byte("-----BEGIN EC PRIVATE KEY-----\n-----END EC PRIVATE KEY-----"),
}
kube.FrontProxy = &x509.PEMEncodedCertificateAndKey{
Crt: []byte("-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----"),
Key: []byte("-----BEGIN EC PRIVATE KEY-----\n-----END EC PRIVATE KEY-----"),
}
kube.Etcd = &x509.PEMEncodedCertificateAndKey{
Crt: []byte("-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----"),
Key: []byte("-----BEGIN EC PRIVATE KEY-----\n-----END EC PRIVATE KEY-----"),
}
err = kube.Validate(CheckKubernetesCA())
suite.Require().NoError(err)
}