github/sample-controller
4
0
Fork 0
mirror of https://github.com/kubernetes/sample-controller.git synced 2026-05-01 00:00:03 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #67178 from cblecker/cfssl

Browse Source 
Automatic merge from submit-queue (batch tested with PRs 66602, 67178, 67207, 67125, 66332). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Vendor cfssl/cfssljson utilities

**What this PR does / why we need it**:
Vendors the `cfssl` and `cfssljson` tools. Updates `kube::util::ensure-cfssl` to use them.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
fixes #66995, fixes #60070

**Special notes for your reviewer**:
1. Add cfssl/cfssljson ot the required bins for saving
2. Manually cloned/checked out the new dependencies to my gopath. `godep restore` doesn't pull them down because they aren't required or already in the `Godeps.json`. Used @BenTheElder's list here: https://github.com/kubernetes/kubernetes/issues/66995#issuecomment-410594532
3. `hack/godep-save.sh` to add the packages and dependencies to godep
4. Fixed two bugs when building:
  a. `golang.org/x/crypto` needed to be updated
  b. `github.com/cloudflare/cfssl` needed to be updated to https://github.com/cloudflare/cfssl/commit/56268a613adfed278936377c18b1152d2c4ad5da so we can vendor their fork of `crypto/tls`, as we discard their modified vendored stdlib.
5. Update staging godeps
6. Update the `kube::util::ensure-cfssl` to install from vendor

**Release note**:
```release-note
NONE
```

Kubernetes-commit: 818e632c1fde5fb01bc8ccf9b9ee6201f33a28b4
This commit is contained in:
Kubernetes Publisher
2018-08-10 14:13:08 -07:00
parent 25b3dd8947 d43f422e57
commit b24841bd57
25 changed files with 806 additions and 317 deletions
Download Patch File Download Diff File Expand all files Collapse all files
vendor/k8s.io/client-go/plugin/pkg/client/auth/exec/exec.go
Generated Vendored
+4 -14
View File
@@ -20,6 +20,7 @@ import (
"bytes"
"context"
"crypto/tls"
"errors"
"fmt"
"io"
"net"
@@ -179,21 +180,10 @@ func (a *Authenticator) UpdateTransportConfig(c *transport.Config) error {
return &roundTripper{a, rt}
}
getCert := c.TLS.GetCert
c.TLS.GetCert = func() (*tls.Certificate, error) {
// If previous GetCert is present and returns a valid non-nil
// certificate, use that. Otherwise use cert from exec plugin.
if getCert != nil {
cert, err := getCert()
if err != nil {
return nil, err
}
if cert != nil {
return cert, nil
}
}
return a.cert()
if c.TLS.GetCert != nil {
return errors.New("can't add TLS certificate callback: transport.Config.TLS.GetCert already set")
}
c.TLS.GetCert = a.cert
var dial func(ctx context.Context, network, addr string) (net.Conn, error)
if c.Dial != nil {