Merge pull request #1275 from mrogers950/aggregator_roots

pkg/asset/tls: self-sign aggregator-ca
openshift · Feb 26, 2019 · e9cb85a · e9cb85a
2 parents e3d78d6 + 71441ef
commit e9cb85a
Showing 1 changed file with 3 additions and 8 deletions.
diff --git a/pkg/asset/tls/aggregator.go b/pkg/asset/tls/aggregator.go
@@ -10,7 +10,7 @@ import (
 // AggregatorCA is the asset that generates the aggregator-ca key/cert pair.
 // [DEPRECATED]
 type AggregatorCA struct {
- SignedCertKey
+ SelfSignedCertKey
 }
 
 var _ asset.Asset = (*AggregatorCA)(nil)
@@ -19,24 +19,19 @@ var _ asset.Asset = (*AggregatorCA)(nil)
 // the parent CA, and install config if it depends on the install config for
 // DNS names, etc.
 func (a *AggregatorCA) Dependencies() []asset.Asset {
- return []asset.Asset{
- &RootCA{},
- }
+ return []asset.Asset{}
 }
 
 // Generate generates the cert/key pair based on its dependencies.
 func (a *AggregatorCA) Generate(dependencies asset.Parents) error {
- rootCA := &RootCA{}
- dependencies.Get(rootCA)
-
  cfg := &CertCfg{
  Subject: pkix.Name{CommonName: "aggregator", OrganizationalUnit: []string{"bootkube"}},
  KeyUsages: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
  Validity: ValidityOneDay,
  IsCA: true,
  }
 
- return a.SignedCertKey.Generate(cfg, rootCA, "aggregator-ca", DoNotAppendParent)
+ return a.SelfSignedCertKey.Generate(cfg, "aggregator-ca")
 }
 
 // Name returns the human-friendly name of the asset.