diff --git a/cmd/main.go b/cmd/main.go index be4861b4f42..0b5776eaae3 100644 --- a/cmd/main.go +++ b/cmd/main.go @@ -3,6 +3,7 @@ package main import ( "fmt" "io" + "io/ioutil" "math/rand" "os" "path/filepath" @@ -35,10 +36,11 @@ func main() { } const tlsCertRoot = "/etc/pki/tls/certs" + const runtimeCertRoot = "/etc/docker/certs.d" clusterCASrc := fmt.Sprintf("%s/ca.crt", builder.SecretCertsMountPath) clusterCADst := fmt.Sprintf("%s/cluster.crt", tlsCertRoot) - err := CopyIfExists(clusterCASrc, clusterCADst) + err := CopyFileIfExists(clusterCASrc, clusterCADst) if err != nil { fmt.Printf("Error setting up cluster CA cert: %v", err) os.Exit(1) @@ -47,25 +49,26 @@ func main() { // TODO: Remove this once the config-map based mount approach lands after rebase oldServiceCASrc := fmt.Sprintf("%s/service-ca.crt", builder.SecretCertsMountPath) oldServiceCADst := fmt.Sprintf("%s/service.crt", tlsCertRoot) - err = CopyIfExists(oldServiceCASrc, oldServiceCADst) + err = CopyFileIfExists(oldServiceCASrc, oldServiceCADst) if err != nil { fmt.Printf("Error setting up service CA cert: %v", err) os.Exit(1) } + // TODO: Remove this once the build controller mounts the internal registry's CA + // in certs.d// newServiceCASrc := fmt.Sprintf("%s/service-ca.crt", builder.ConfigMapCertsMountPath) newServiceCADst := fmt.Sprintf("%s/openshift-service.crt", tlsCertRoot) - err = CopyIfExists(newServiceCASrc, newServiceCADst) + err = CopyFileIfExists(newServiceCASrc, newServiceCADst) if err != nil { fmt.Printf("Error setting up service CA cert: %v", err) os.Exit(1) } - additionalCASrc := fmt.Sprintf("%s/additional-ca.crt", builder.ConfigMapCertsMountPath) - additionalCADst := fmt.Sprintf("%s/additional-ca.crt", tlsCertRoot) - err = CopyIfExists(additionalCASrc, additionalCADst) + runtimeCASrc := fmt.Sprintf("%s/certs.d", builder.ConfigMapCertsMountPath) + err = CopyDirIfExists(runtimeCASrc, runtimeCertRoot) if err != nil { - fmt.Printf("Error setting up additional trusted CA bundle: %v", err) + fmt.Printf("Error setting up service CA cert: %v", err) os.Exit(1) } @@ -76,9 +79,37 @@ func main() { } } -// CopyIfExists copies the source file to the given destination, if the source file exists. +// CopyDirIfExists recursively copies a directory to the destination path. +// If the source directory does not exist, no error is returned. +// If the destination directory exists, any contents with matching file names +// will be overwritten. +func CopyDirIfExists(src, dst string) error { + srcInfo, err := os.Stat(src) + if os.IsNotExist(err) { + return nil + } + if err = os.MkdirAll(dst, srcInfo.Mode()); err != nil { + return err + } + dirInfo, err := ioutil.ReadDir(src) + for _, info := range dirInfo { + srcPath := filepath.Join(src, info.Name()) + dstPath := filepath.Join(dst, info.Name()) + if info.IsDir() { + err = CopyDirIfExists(srcPath, dstPath) + } else { + err = CopyFileIfExists(srcPath, dstPath) + } + if err != nil { + return err + } + } + return nil +} + +// CopyFileIfExists copies the source file to the given destination, if the source file exists. // If the destination file exists, it will be overwritten and will not copy file attributes. -func CopyIfExists(src, dst string) error { +func CopyFileIfExists(src, dst string) error { _, err := os.Stat(src) if os.IsNotExist(err) { return nil