Skip to content
This repository has been archived by the owner on Apr 17, 2019. It is now read-only.

Addresses #1314 [nginx-ingress-controller ssl nginx reload abort] #1315

Merged
merged 1 commit into from
Jul 6, 2016
Merged

Addresses #1314 [nginx-ingress-controller ssl nginx reload abort] #1315

merged 1 commit into from
Jul 6, 2016

Conversation

fcvarela
Copy link
Contributor

@fcvarela fcvarela commented Jul 5, 2016

Replaces async file writes with atomic renaming of temp files.

aledbf
aledbf reviewed Jul 5, 2016
View reviewed changes
ingress/controllers/nginx/nginx/ssl.go
@@ -45,17 +45,28 @@ type SSLCert struct {

// AddOrUpdateCertAndKey creates a .pem file wth the cert and the key with the specified name
func (nginx *Manager) AddOrUpdateCertAndKey(name string, cert string, key string) (SSLCert, error) {
tempPemFileName := name + ".pem"
pemFileName := config.SSLDirectory + "/" + name + ".pem"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe this could be pemFileName := fmt.Sprintf("%v/%v", config.SSLDirectory, tempPemFileName)

Copy link
Contributor Author

@fcvarela fcvarela Jul 5, 2016
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure, I used the same format as the existing pemFileName to keep it consistent in method. Should I update that as well? Note that tempPemFileName is meant to be just the filename, its actual Name() will be determined by the os default tmp location (/tmp/filename.pem.something) after returning from ioutil.TempFile(). It then gets moved to the location pemFileName. I did not change how that one string is generated.

Actually, that would probably make more sense in a separate linting/codestyle change PR? It doesn't fix the bug, just changes the previous style used in the code? I'm good with either, let me know.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@fcvarela yes, I'm trying to avoid string concatenations and use fmt.Sprintf

@googlebot
Copy link

We found a Contributor License Agreement for you (the sender of this pull request) and all commit authors, but as best as we can tell these commits were authored by someone else. If that's the case, please add them to this pull request and have them confirm that they're okay with these commits being contributed to Google. If we're mistaken and you did author these commits, just reply here to confirm.

@fcvarela
Copy link
Contributor Author

fcvarela commented Jul 6, 2016
edited
Loading

I've added the suggested changes and rebased my ref, is that ok?

@googlebot
Copy link

CLAs look good, thanks!

@googlebot googlebot added cla: yes and removed cla: no labels Jul 6, 2016
@fcvarela
Copy link
Contributor Author

fcvarela commented Jul 6, 2016

Should I squash all three commits?

@aledbf
Copy link
Contributor

aledbf commented Jul 6, 2016

@fcvarela yes please

@fcvarela
Fixes #1314
c83c272 
Removed comment to be consistent w/ rest of code

Fixes typo and string concat
@fcvarela
Copy link
Contributor Author

fcvarela commented Jul 6, 2016

Squashed!

@aledbf
Copy link
Contributor

aledbf commented Jul 6, 2016

@bprashanth please review

bprashanth
bprashanth reviewed Jul 6, 2016
View reviewed changes
ingress/controllers/nginx/nginx/ssl.go
return SSLCert{}, fmt.Errorf("Couldn't close temp pem file %v: %v", temporaryPemFile.Name(), err)
}

err = os.Rename(temporaryPemFile.Name(), pemFileName)
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it would be even better if we validated the key/cert pair before moving it (though I think we already do so higher up the stack)

@bprashanth
Copy link

LGTM

@bprashanth bprashanth merged commit a954aad into kubernetes-retired:master Jul 6, 2016
aledbf pushed a commit to aledbf/contrib that referenced this pull request Nov 10, 2016
@bprashanth
Merge pull request kubernetes-retired#1315 from fcvarela/master
a7570a8 
Addresses kubernetes-retired#1314 [nginx-ingress-controller ssl nginx reload abort]
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@fcvarela @googlebot @aledbf @bprashanth