Operator will retrieve internal Operator certificate from /operator/internal-identity/internalOperatorCert instead of weblogic-operator-cm

Author: lennyphan

operator/src/main/java/oracle/kubernetes/operator/TuningParameters.java

@@ -259,4 +259,8 @@ public boolean equals(Object o) {
   public WatchTuning getWatchTuning();
 
   public PodTuning getPodTuning();
+
+  public String getFileContents(String path);
+
+  public boolean checkFileExists(String path);
 }

operator/src/main/java/oracle/kubernetes/operator/TuningParametersImpl.java

@@ -4,7 +4,10 @@
 
 package oracle.kubernetes.operator;
 
+import java.io.File;
 import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.Paths;
 import java.util.concurrent.ScheduledExecutorService;
 import java.util.concurrent.locks.ReadWriteLock;
 import java.util.concurrent.locks.ReentrantReadWriteLock;
@@ -134,4 +137,28 @@ public PodTuning getPodTuning() {
       lock.readLock().unlock();
     }
   }
+
+  // path - a file containing a base64 encoded string containing the operator's cert in pem format
+  public String getFileContents(String path) {
+    // in pem format
+    String result = null;
+    if (checkFileExists(path)) {
+      try {
+        result = new String(Files.readAllBytes(Paths.get(path)));
+      } catch (Throwable t) {
+      }
+    }
+    // do not include the certificate data in the log message
+    return result;
+  }
+
+  public boolean checkFileExists(String path) {
+    File f = new File(path);
+    boolean result = false;
+    if (f.exists() && f.isFile()) {
+      result = true;
+    }
+
+    return result;
+  }
 }

operator/src/main/java/oracle/kubernetes/operator/helpers/PodHelper.java

@@ -33,7 +33,10 @@ public class PodHelper {
   private PodHelper() {}
 
   static class AdminPodStepContext extends PodStepContext {
-    private static final String INTERNAL_OPERATOR_CERT_FILE = "internalOperatorCert";
+    private static final String OPERATOR_DIR = "/operator/";
+    private static final String INTERNAL_REST_IDENTITY_DIR = OPERATOR_DIR + "internal-identity/";
+    private static final String INTERNAL_OPERATOR_CERTIFICATE =
+        INTERNAL_REST_IDENTITY_DIR + "internalOperatorCert";
     static final String INTERNAL_OPERATOR_CERT_ENV = "INTERNAL_OPERATOR_CERT";
 
     AdminPodStepContext(Step conflictStep, Packet packet) {
@@ -132,7 +135,7 @@ protected Map<String, String> getPodAnnotations() {
     }
 
     private String getInternalOperatorCertFile(TuningParameters tuningParameters) {
-      return tuningParameters.get(INTERNAL_OPERATOR_CERT_FILE);
+      return tuningParameters.getFileContents(INTERNAL_OPERATOR_CERTIFICATE);
     }
   }
 

operator/src/test/java/oracle/kubernetes/operator/helpers/AdminPodHelperTest.java

@@ -41,7 +41,8 @@
 
 @SuppressWarnings("SameParameterValue")
 public class AdminPodHelperTest extends PodHelperTestBase {
-  private static final String INTERNAL_OPERATOR_CERT_FILE_PARAM = "internalOperatorCert";
+  private static final String INTERNAL_OPERATOR_CERT_FILE_PARAM =
+      "/operator/internal-identity/internalOperatorCert";
   private static final String INTERNAL_OPERATOR_CERT_ENV_NAME = "INTERNAL_OPERATOR_CERT";
   private static final String CERTFILE = "certfile";
 

operator/src/test/java/oracle/kubernetes/operator/helpers/TuningParametersStub.java

@@ -48,4 +48,9 @@ public CallBuilderTuning getCallBuilderTuning() {
   public String get(Object key) {
     return namedParameters.get(key);
   }
+
+  @Override
+  public String getFileContents(String path) {
+    return get(path);
+  }
 }