From 09b5c65dd856e485376cab71dd836a4db75953ae Mon Sep 17 00:00:00 2001 From: Ben Parees Date: Thu, 6 Dec 2018 20:57:40 -0500 Subject: [PATCH] Revert "copy build certificates to /etc/docker/certs.d" --- cmd/main.go | 51 +++++++++++++++------------------------------------ 1 file changed, 15 insertions(+), 36 deletions(-) diff --git a/cmd/main.go b/cmd/main.go index 92677cc1054..be4861b4f42 100644 --- a/cmd/main.go +++ b/cmd/main.go @@ -3,7 +3,6 @@ package main import ( "fmt" "io" - "io/ioutil" "math/rand" "os" "path/filepath" @@ -36,11 +35,10 @@ func main() { } const tlsCertRoot = "/etc/pki/tls/certs" - const runtimeCertRoot = "/etc/docker/certs.d" clusterCASrc := fmt.Sprintf("%s/ca.crt", builder.SecretCertsMountPath) clusterCADst := fmt.Sprintf("%s/cluster.crt", tlsCertRoot) - err := CopyFileIfExists(clusterCASrc, clusterCADst) + err := CopyIfExists(clusterCASrc, clusterCADst) if err != nil { fmt.Printf("Error setting up cluster CA cert: %v", err) os.Exit(1) @@ -49,19 +47,28 @@ func main() { // TODO: Remove this once the config-map based mount approach lands after rebase oldServiceCASrc := fmt.Sprintf("%s/service-ca.crt", builder.SecretCertsMountPath) oldServiceCADst := fmt.Sprintf("%s/service.crt", tlsCertRoot) - err = CopyFileIfExists(oldServiceCASrc, oldServiceCADst) + err = CopyIfExists(oldServiceCASrc, oldServiceCADst) if err != nil { fmt.Printf("Error setting up service CA cert: %v", err) os.Exit(1) } - runtimeCASrc := fmt.Sprintf("%s/certs.d", builder.ConfigMapCertsMountPath) - err = CopyDirIfExists(runtimeCASrc, runtimeCertRoot) + newServiceCASrc := fmt.Sprintf("%s/service-ca.crt", builder.ConfigMapCertsMountPath) + newServiceCADst := fmt.Sprintf("%s/openshift-service.crt", tlsCertRoot) + err = CopyIfExists(newServiceCASrc, newServiceCADst) if err != nil { fmt.Printf("Error setting up service CA cert: %v", err) os.Exit(1) } + additionalCASrc := fmt.Sprintf("%s/additional-ca.crt", builder.ConfigMapCertsMountPath) + additionalCADst := fmt.Sprintf("%s/additional-ca.crt", tlsCertRoot) + err = CopyIfExists(additionalCASrc, additionalCADst) + if err != nil { + fmt.Printf("Error setting up additional trusted CA bundle: %v", err) + os.Exit(1) + } + basename := filepath.Base(os.Args[0]) command := CommandFor(basename) if err := command.Execute(); err != nil { @@ -69,37 +76,9 @@ func main() { } } -// CopyDirIfExists recursively copies a directory to the destination path. -// If the source directory does not exist, no error is returned. -// If the destination directory exists, any contents with matching file names -// will be overwritten. -func CopyDirIfExists(src, dst string) error { - srcInfo, err := os.Stat(src) - if os.IsNotExist(err) { - return nil - } - if err = os.MkdirAll(dst, srcInfo.Mode()); err != nil { - return err - } - dirInfo, err := ioutil.ReadDir(src) - for _, info := range dirInfo { - srcPath := filepath.Join(src, info.Name()) - dstPath := filepath.Join(dst, info.Name()) - if info.IsDir() { - err = CopyDirIfExists(srcPath, dstPath) - } else { - err = CopyFileIfExists(srcPath, dstPath) - } - if err != nil { - return err - } - } - return nil -} - -// CopyFileIfExists copies the source file to the given destination, if the source file exists. +// CopyIfExists copies the source file to the given destination, if the source file exists. // If the destination file exists, it will be overwritten and will not copy file attributes. -func CopyFileIfExists(src, dst string) error { +func CopyIfExists(src, dst string) error { _, err := os.Stat(src) if os.IsNotExist(err) { return nil