Mount operator-ca-tls secret for tenants
ooraini committed Jul 29, 2022
1 parent 625b873 commit 9a732fa
Showing 1 changed file with 25 additions and 25 deletions.
50 changes: 25 additions & 25 deletions pkg/controller/cluster/minio.go
@@ -177,33 +177,33 @@ func (c *Controller) checkOperatorCaForTenant(ctx context.Context, tenant *minio

tenantCaSecret, err := c.kubeClientSet.CoreV1().Secrets(tenant.Namespace).Get(ctx, OperatorCATLSSecretName, metav1.GetOptions{})
if err != nil {
if k8serrors.IsNotFound(err) {
klog.Infof("'%s/%s' secret not found, creating one now", tenant.Namespace, OperatorCATLSSecretName)
// create tenant operator-ca-tls secret
opCATLSSecret := &corev1.Secret{
Type: "Opaque",
ObjectMeta: metav1.ObjectMeta{
Name: OperatorCATLSSecretName,
Namespace: tenant.Namespace,
Labels: tenant.MinIOPodLabels(),
OwnerReferences: []metav1.OwnerReference{
*metav1.NewControllerRef(tenant, schema.GroupVersionKind{
Group: miniov2.SchemeGroupVersion.Group,
Version: miniov2.SchemeGroupVersion.Version,
Kind: miniov2.MinIOCRDResourceKind,
}),
},
},
Data: map[string][]byte{
"public.crt": operatorCaCert,
if !k8serrors.IsNotFound(err) {
return false, err
}
klog.Infof("'%s/%s' secret not found, creating one now", tenant.Namespace, OperatorCATLSSecretName)
// create tenant operator-ca-tls secret
tenantCaSecret = &corev1.Secret{
Type: "Opaque",
ObjectMeta: metav1.ObjectMeta{
Name: OperatorCATLSSecretName,
Namespace: tenant.Namespace,
Labels: tenant.MinIOPodLabels(),
OwnerReferences: []metav1.OwnerReference{
*metav1.NewControllerRef(tenant, schema.GroupVersionKind{
Group: miniov2.SchemeGroupVersion.Group,
Version: miniov2.SchemeGroupVersion.Version,
Kind: miniov2.MinIOCRDResourceKind,
}),
},
}
_, err = c.kubeClientSet.CoreV1().Secrets(tenant.Namespace).Create(ctx, opCATLSSecret, metav1.CreateOptions{})
if err != nil {
return false, err
}
},
Data: map[string][]byte{
"public.crt": operatorCaCert,
},
}
_, err = c.kubeClientSet.CoreV1().Secrets(tenant.Namespace).Create(ctx, tenantCaSecret, metav1.CreateOptions{})
if err != nil {
return false, err
}
return false, err
}

if _, ok := tenantCaSecret.Data["public.crt"]; !ok {
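Review bot: The object returned by `Create` is still discarded in the not-found branch, so the fall-through to the `tenantCaSecret.Data["public.crt"]` check runs on the locally built struct rather than on what the API server stored. That struct carries no server-populated metadata (resourceVersion, UID), so if the code after this hunk writes the secret back through the same pointer (not visible here), it would do so without the stored version. Assigning the result keeps the later checks on the persisted CA secret: `tenantCaSecret, err = c.kubeClientSet.CoreV1().Secrets(tenant.Namespace).Create(ctx, tenantCaSecret, metav1.CreateOptions{})`. A concurrent reconcile that creates the secret first would surface here as an AlreadyExists error; consider handling `k8serrors.IsAlreadyExists(err)` by re-reading the secret instead of failing. The body of checkOperatorCaForTenant starts before and continues after this hunk.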