Skip to content

Commit

Permalink
Merge pull request #1019 from nkvoll/fix-broken-certificates-name-col…
Browse files Browse the repository at this point in the history
…lision

Add missing namespace to Pod Listing when reconciling transport secrets
  • Loading branch information
nkvoll authored Jun 7, 2019
2 parents 10b8210 + f6091ff commit adcb90a
Showing 1 changed file with 6 additions and 0 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,7 @@ func ReconcileTransportCertificateSecrets(
var pods corev1.PodList
if err := c.List(&client.ListOptions{
LabelSelector: label.NewLabelSelectorForElasticsearch(es),
Namespace: es.Namespace,
}, &pods); err != nil {
return reconcile.Result{}, err
}
Expand Down Expand Up @@ -185,6 +186,7 @@ func doReconcileTransportCertificateSecret(
func extractTransportCert(secret corev1.Secret, commonName string) *x509.Certificate {
certData, ok := secret.Data[certificates.CertFileName]
if !ok {
log.Info("No tls certificate found in secret", "secret", secret.Name)
return nil
}

Expand All @@ -195,12 +197,16 @@ func extractTransportCert(secret corev1.Secret, commonName string) *x509.Certifi
}

// look for the certificate based on the CommonName
var names []string
for _, c := range certs {
if c.Subject.CommonName == commonName {
return c
}
names = append(names, c.Subject.CommonName)
}

log.Info("Did not found a certificate with the expected common name", "secret", secret.Name, "expected", commonName, "found", names)

return nil
}

Expand Down

0 comments on commit adcb90a

Please sign in to comment.