Skip to content

Commit 240754a

Browse files
simusimu
committed
Refactor initCACertificate into newCACertificate 
1 parent 79474d2 commit 240754a

File tree

1 file changed

+24
-17
lines changed

1 file changed

+24
-17
lines changed

certs/ca.go

Lines changed: 24 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,7 @@ import (
1111
corev1 "k8s.io/api/core/v1"
1212
extv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
1313
"k8s.io/apimachinery/pkg/api/errors"
14+
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
1415
"sigs.k8s.io/controller-runtime/pkg/client"
1516
)
1617

@@ -82,7 +83,7 @@ func ensureCACertificate(ctx context.Context, c client.Client, l logr.Logger, ca
8283
}
8384
if errors.IsNotFound(err) {
8485
l.Info("Service CA certificate doesn't exist, creating...")
85-
initCACertificate(&caCert, caNamespace)
86+
caCert = newCACertificate(caNamespace)
8687
if err := c.Create(ctx, &caCert); err != nil {
8788
return err
8889
}
@@ -113,22 +114,28 @@ func ensureServiceCAIssuer(ctx context.Context, c client.Client, l logr.Logger,
113114
return nil
114115
}
115116

116-
// initCACertificate initializes the Service CA certificate resource
117-
func initCACertificate(caCert *cmapi.Certificate, caNamespace string) {
118-
caCert.Name = CACertName
119-
caCert.Namespace = caNamespace
120-
caCert.Spec.IsCA = true
121-
caCert.Spec.CommonName = CAName
122-
caCert.Spec.SecretName = CASecretName
123-
// TODO: make the private key config configurable?
124-
caCert.Spec.PrivateKey = &cmapi.CertificatePrivateKey{
125-
Algorithm: cmapi.ECDSAKeyAlgorithm,
126-
Size: 521,
127-
}
128-
caCert.Spec.IssuerRef = cmmeta.ObjectReference{
129-
Name: SelfSignedIssuerName,
130-
Kind: "Issuer",
131-
Group: "cert-manager.io",
117+
// newCACertificate returns a new Service CA certificate resource
118+
func newCACertificate(caNamespace string) cmapi.Certificate {
119+
return cmapi.Certificate{
120+
ObjectMeta: metav1.ObjectMeta{
121+
Name: CACertName,
122+
Namespace: caNamespace,
123+
},
124+
Spec: cmapi.CertificateSpec{
125+
IsCA: true,
126+
CommonName: CAName,
127+
SecretName: CASecretName,
128+
// TODO: make the private key config configurable?
129+
PrivateKey: &cmapi.CertificatePrivateKey{
130+
Algorithm: cmapi.ECDSAKeyAlgorithm,
131+
Size: 521,
132+
},
133+
IssuerRef: cmmeta.ObjectReference{
134+
Name: SelfSignedIssuerName,
135+
Kind: "Issuer",
136+
Group: "cert-manager.io",
137+
},
138+
},
132139
}
133140
}
134141

0 commit comments

Comments
 (0)