Merge "Add IPsec certificate to "system certificate-list""
This commit is contained in:
Zuul
Gerrit Code Review
commit
02c7893348
@ -19231,6 +19231,15 @@ class ConductorManager(service.PeriodicService):
|
|||||||
"/etc/kubernetes/pki/apiserver-kubelet-client.crt"),
|
"/etc/kubernetes/pki/apiserver-kubelet-client.crt"),
|
||||||
("front-proxy-client", constants.AUTOMATIC, "/etc/kubernetes/pki/front-proxy-client.crt"),
|
("front-proxy-client", constants.AUTOMATIC, "/etc/kubernetes/pki/front-proxy-client.crt"),
|
||||||
("front-proxy-ca", constants.AUTOMATIC, "/etc/kubernetes/pki/front-proxy-ca.crt")]
|
("front-proxy-ca", constants.AUTOMATIC, "/etc/kubernetes/pki/front-proxy-ca.crt")]
|
||||||
|
|
||||||
|
# IPsec certificate
|
||||||
|
try:
|
||||||
|
hostname = socket.gethostname()
|
||||||
|
ipsec_path = f"/etc/swanctl/x509/system-ipsec-certificate-{hostname}.crt"
|
||||||
|
certs.append(("ipsec", constants.AUTOMATIC, ipsec_path))
|
||||||
|
except socket.error:
|
||||||
|
LOG.debug("Failed to get local hostname to retrieve IPsec certificate")
|
||||||
|
|
||||||
kube_operator = kubernetes.KubeOperator()
|
kube_operator = kubernetes.KubeOperator()
|
||||||
certificates = kube_operator.list_custom_resources("cert-manager.io", "v1", "certificates")
|
certificates = kube_operator.list_custom_resources("cert-manager.io", "v1", "certificates")
|
||||||
k8s_secrets_list = [cert["spec"]["secretName"] for cert in certificates]
|
k8s_secrets_list = [cert["spec"]["secretName"] for cert in certificates]
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user