This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
type CustomTLSCert struct { | |
Certificate string | |
Key string | |
} | |
func (c *RouteSyncController) getCA(tlsCert *CustomTLSCert) (*x509.CertPool, error) { | |
caCertPool := x509.NewCertPool() | |
if tlsCert != nil { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
func certificateVerifier(customCert []byte) error { | |
block, _ := pem.Decode([]byte(customCert)) | |
if block == nil { | |
return fmt.Errorf("failed to decode certificate PEM") | |
} | |
certificate, err := x509.ParseCertificate(block.Bytes) | |
if err != nil { | |
return err | |
} | |
now := time.Now() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
func ValidateCustomCertSecret(customCertSecret *corev1.Secret) (*routesub.CustomTLSCert, error) { | |
if customCertSecret == nil { | |
return nil, nil | |
} | |
if customCertSecret.Type != corev1.SecretTypeTLS { | |
return nil, fmt.Errorf("custom cert secret is not in %q type, instead uses %q type", corev1.SecretTypeTLS, customCertSecret.Type) | |
} | |
if len(customCertSecret.Data) == 0 { | |
return nil, fmt.Errorf("custom cert secret doesn't contain 'Data' field") | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
make build | |
fatal: No names found, cannot describe anything. | |
go build -mod=vendor -trimpath -ldflags "-s -w -X github.com/openshift/console-operator/pkg/version.versionFromGit="v0.0.0-unknown" -X github.com/openshift/console-operator/pkg/version.commitFromGit="f2b468860" -X github.com/openshift/console-operator/pkg/version.gitTreeState="dirty" -X github.com/openshift/console-operator/pkg/version.buildDate="2020-04-02T09:21:46Z" " github.com/openshift/console-operator/cmd/console | |
# k8s.io/client-go/tools/clientcmd | |
vendor/k8s.io/client-go/tools/clientcmd/validation.go:73:5: cannot use errConfigurationInvalid literal (type errConfigurationInvalid) as type "k8s.io/apimachinery/pkg/util/errors".Aggregate in assignment: | |
errConfigurationInvalid does not implement "k8s.io/apimachinery/pkg/util/errors".Aggregate (missing Is method) | |
# k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/internal | |
vendor/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/internal/gvkparser.go:55:31: cannot use *typeSchema (type "sigs.k |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
make test-unit | |
go test -mod=vendor -race ./pkg/... ./cmd/... | |
? github.com/openshift/console-operator/pkg/api [no test files] | |
# k8s.io/client-go/tools/clientcmd | |
vendor/k8s.io/client-go/tools/clientcmd/validation.go:73:5: cannot use errConfigurationInvalid literal (type errConfigurationInvalid) as type "k8s.io/apimachinery/pkg/util/errors".Aggregate in assignment: | |
errConfigurationInvalid does not implement "k8s.io/apimachinery/pkg/util/errors".Aggregate (missing Is method) | |
# github.com/openshift/library-go/pkg/operator/v1helpers | |
vendor/github.com/openshift/library-go/pkg/operator/v1helpers/helpers.go:235:5: cannot use aggregate literal (type aggregate) as type "k8s.io/apimachinery/pkg/util/errors".Aggregate in assignment: | |
aggregate does not implement "k8s.io/apimachinery/pkg/util/errors".Aggregate (missing Is method) | |
# k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/internal |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# create a secret with htpasswd file data for user 'test' with password 'test' | |
oc apply -f - <<EOF | |
apiVersion: v1 | |
kind: Secret | |
metadata: | |
name: htpass-secret | |
namespace: openshift-config | |
data: | |
htpasswd: dGVzdDokYXByMSRxa0Zvb203dCRSWFIuNHhTV0lhL3h6dkRRUUFFUG8w | |
EOF |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package testframework | |
import ( | |
"fmt" | |
"testing" | |
"time" | |
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" | |
"k8s.io/apimachinery/pkg/types" | |
"k8s.io/apimachinery/pkg/util/wait" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
func ManageConsole(logger Logger, client *Clientset) error { | |
cr, err := client.ConsoleV1alpha1Interface.Consoles(consoleapi.OpenShiftConsoleOperatorNamespace).Get(consoleapi.ResourceName, metav1.GetOptions{}) | |
if err != nil { | |
return err | |
} | |
if isOperatorManaged(cr) { | |
logger.Logf("console operator already in 'Managed' state") | |
return nil | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kind: RoleBinding | |
apiVersion: rbac.authorization.k8s.io/v1 | |
metadata: | |
name: console-operator-authentication-reader | |
namespace: kube-system | |
roleRef: | |
kind: Role | |
name: console-operator-authentication-reader | |
apiGroup: rbac.authorization.k8s.io | |
subjects: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
W0103 18:42:37.442096 1 cmd.go:127] Using insecure, self-signed certificates | |
I0103 18:42:37.442415 1 crypto.go:493] Generating new CA for console-operator-signer@1546540957 cert, and key in /tmp/serving-cert-328978447/serving-signer.crt, /tmp/serving-cert-328978447/serving-signer.key | |
I0103 18:42:37.979025 1 crypto.go:585] Generating server certificate in /tmp/serving-cert-328978447/tls.crt, key in /tmp/serving-cert-328978447/tls.key | |
I0103 18:42:38.268261 1 observer_polling.go:37] Adding reactor for file "/var/run/configmaps/config/controller-config.yaml" | |
I0103 18:42:38.268353 1 observer_polling.go:37] Adding reactor for file "/var/run/secrets/serving-cert/tls.crt" | |
I0103 18:42:38.268379 1 observer_polling.go:37] Adding reactor for file "/var/run/secrets/serving-cert/tls.key" | |
I0103 18:42:38.268856 1 observer_polling.go:96] Starting file observer | |
panic: unable to obtain replicaset reference for events: pods "console-operator-749cd856cb-7lmrq" is forbidden: User "system: |