Skip to content

Commit

Permalink
fix: Generalizes sed and fixes dry-run cmd (kserve#363)
Browse files Browse the repository at this point in the history
#### Motivation
I experienced a few errors when running the install script using the `--enable-self-signed-ca` flag from the recently merged kserve#342. 

#### Modifications
- Use `sed -i.bak` to work around different versions of it, originally resulting in `sed: -i: No such file or directory` for me.
- Fix `--dry-run` error which requires a set value [(none, server, or client)](https://stackoverflow.com/questions/69531858/what-is-the-different-dry-run-opportunities)
- Fix typos

#### Result
Fixes errors associated with the `--enable-self-signed-ca` flag

Signed-off-by: Rafael Vasquez <raf.vasquez@ibm.com>
  • Loading branch information
rafvasq authored May 3, 2023
1 parent dd0229f commit 4746079
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 8 deletions.
12 changes: 6 additions & 6 deletions scripts/install.sh
Original file line number Diff line number Diff line change
Expand Up @@ -325,16 +325,17 @@ if [[ $enable_self_signed_ca == "true" ]]; then
# comment out vars
configMapGeneratorStartLine=$(grep -n configMapGenerator ./default/kustomization.yaml |cut -d':' -f1)
configMapGeneratorBeforeLine=$((configMapGeneratorStartLine-1))
sed "1,${configMapGeneratorBeforeLine}s/^/#/g" -i default/kustomization.yaml
sed -i.bak "1,${configMapGeneratorBeforeLine}s/^/#/g" default/kustomization.yaml

# remove webhookcainjection_patch.yaml
sed 's+- webhookcainjection_patch.yaml++g' -i default/kustomization.yaml
sed -i.bak '/webhookcainjection_patch.yaml/d' default/kustomization.yaml

# create dummy secret 'modelmesh-webhook-server-cert'
secretExist=$(kubectl get secret modelmesh-webhook-server-cert --ignore-not-found|wc -l)
if [[ $secretExist == 0 ]]; then
if [[ $secretExist -eq 0 ]]; then
kubectl create secret generic modelmesh-webhook-server-cert
fi
rm default/kustomization.yaml.bak
fi

kustomize build default | kubectl apply -f -
Expand Down Expand Up @@ -365,10 +366,9 @@ if [[ $enable_self_signed_ca == "true" ]]; then
info "Enabled Self Signed CA: Generate certificates and restart controller"

# Delete dummy secret for webhook server
kubectl delete secret modelmesh-webhook-server-cert
kubectl delete secret modelmesh-webhook-server-cert

../scripts/self-signed-ca.sh --namespace $namespace

fi

info "Waiting for ModelMesh Serving controller pod to be up..."
Expand Down
4 changes: 2 additions & 2 deletions scripts/self-signed-ca.sh
Original file line number Diff line number Diff line change
Expand Up @@ -116,10 +116,10 @@ openssl x509 -extensions v3_req -req -days 365 -in ${tmpdir}/server.csr -CA ${tm
kubectl create secret generic ${secret} \
--from-file=tls.key=${tmpdir}/server.key \
--from-file=tls.crt=${tmpdir}/server.crt \
--dry-run -o yaml |
--dry-run=server -o yaml |
kubectl -n ${namespace} apply -f -
# Webhook pod needs to be restarted so that the service reload the secret
# http://github.com/kueflow/kubeflow/issues/3227
# http://github.com/kubeflow/kubeflow/issues/3227
webhookPod=$(kubectl get pods -n ${namespace} |grep ${webhookDeploymentName} |awk '{print $1;}')
# ignore error if webhook pod does not exist
kubectl delete pod ${webhookPod} -n ${namespace} 2>/dev/null || true
Expand Down

0 comments on commit 4746079

Please sign in to comment.