From 7ffb5023c32e9fe099bd2e353ee81345635bbfba Mon Sep 17 00:00:00 2001 From: "Francisco J. Solis" Date: Wed, 12 Oct 2022 10:05:11 -0500 Subject: [PATCH] fix: Add servicename in certs (#491) Before: A hardcoded string was used for setting the secret namespace After: The value for the secret namespace for settings is grabbed dynamically. Signed-off-by: Francisco J. Solis Signed-off-by: Francisco J. Solis Co-authored-by: Dan Rammer --- pkg/webhook/init_cert.go | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkg/webhook/init_cert.go b/pkg/webhook/init_cert.go index 24bfd957b..1a8792cc3 100644 --- a/pkg/webhook/init_cert.go +++ b/pkg/webhook/init_cert.go @@ -48,7 +48,7 @@ func InitCerts(ctx context.Context, propellerCfg *config.Config, cfg *webhookCon } logger.Infof(ctx, "Issuing certs") - certs, err := createCerts(podNamespace) + certs, err := createCerts(cfg.ServiceName, podNamespace) if err != nil { return err } @@ -153,7 +153,7 @@ func createWebhookSecret(ctx context.Context, namespace string, cfg *webhookConf return err } -func createCerts(serviceNamespace string) (certs webhookCerts, err error) { +func createCerts(serviceName string, serviceNamespace string) (certs webhookCerts, err error) { // CA config caRequest := &x509.Certificate{ SerialNumber: big.NewInt(2021), @@ -190,9 +190,9 @@ func createCerts(serviceNamespace string) (certs webhookCerts, err error) { return webhookCerts{}, err } - dnsNames := []string{"flyte-pod-webhook", - "flyte-pod-webhook." + serviceNamespace, "flyte-pod-webhook." + serviceNamespace + ".svc"} - commonName := "flyte-pod-webhook." + serviceNamespace + ".svc" + dnsNames := []string{serviceName, + serviceName + "." + serviceNamespace, serviceName + "." + serviceNamespace + ".svc"} + commonName := serviceName + "." + serviceNamespace + ".svc" // server cert config certRequest := &x509.Certificate{