openstack
/
magnum
Code Issues Proposed changes
Browse Source

Merge "Add subjectAltName back to CSR config"

changes/88/305188/1
Jenkins 6 years ago committed by Gerrit Code Review
parent
a10af07e3d 785eb98d5a
commit
39e8e1f054
3 changed files with 7 additions and 22 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 5
      magnum/templates/kubernetes/fragments/make-cert-client.sh
  2. 5
      magnum/templates/kubernetes/fragments/make-cert.sh
  3. 19
      magnum/templates/swarm/fragments/make-cert.py

5
magnum/templates/kubernetes/fragments/make-cert-client.sh
Unescape View File

@ -82,10 +82,7 @@ CN = kubernetes.invalid
[req_ext]
keyUsage=critical,digitalSignature,keyEncipherment
extendedKeyUsage=clientAuth
# TODO(hongbin): This is a temporary work-around for a gate breakage.
# Need to investigate the issue and revert this temporary fix.
# Bug #1568212 - '\xac\x18\x05\x07' does not appear to be an IPv4 or IPv6 address
#subjectAltName=dirName:kubelet,dirName:kubeproxy
subjectAltName=dirName:kubelet,dirName:kubeproxy
[kubelet]
CN=kubelet
[kubeproxy]

5
magnum/templates/kubernetes/fragments/make-cert.sh
Unescape View File

@ -87,10 +87,7 @@ prompt = no
[req_distinguished_name]
CN = kubernetes.invalid
[req_ext]
# TODO(hongbin): This is a temporary work-around for a gate breakage.
# Need to investigate the issue and revert this temporary fix.
# Bug #1568212 - '\xac\x18\x05\x07' does not appear to be an IPv4 or IPv6 address
#subjectAltName = ${sans}
subjectAltName = ${sans}
extendedKeyUsage = clientAuth,serverAuth
EOF

19
magnum/templates/swarm/fragments/make-cert.py
Unescape View File

@ -40,11 +40,7 @@ copy_extensions = copyall
[req_distinguished_name]
CN = swarm.invalid
[req_ext]
# TODO(hongbin): This is a temporary work-around for a gate breakage.
# Need to investigate the issue and revert this temporary fix.
# Bug #1568212 - '\xac\x18\x05\x07' does not appear to be an IPv4 or IPv6
# address
#subjectAltName = %(subject_alt_names)s
subjectAltName = %(subject_alt_names)s
extendedKeyUsage = clientAuth,serverAuth
"""
@ -103,15 +99,10 @@ def write_server_key():
def _write_csr_config(config):
with open(SERVER_CONF_PATH, 'w') as fp:
# TODO(hongbin): This is a temporary work-around for a gate breakage.
# Need to investigate the issue and revert this temporary fix.
# Bug #1568212 - '\xac\x18\x05\x07' does not appear to be an IPv4 or
# IPv6 address
# params = {
# 'subject_alt_names': _build_subject_alt_names(config)
# }
# fp.write(CSR_CONFIG_TEMPLATE % params)
fp.write(CSR_CONFIG_TEMPLATE)
params = {
'subject_alt_names': _build_subject_alt_names(config)
}
fp.write(CSR_CONFIG_TEMPLATE % params)
def create_server_csr(config):

Write Preview
Loading…
Cancel
Save