Skip to content

Commit

Permalink
fix: add missing owner on knative-serving-cert
Browse files Browse the repository at this point in the history
- why using default ingress cert, owner is not set to FTer: serverless-serving-gateway

Signed-off-by: Wen Zhou <[email protected]>
  • Loading branch information
zdtsw committed Aug 19, 2024
1 parent a0e0a29 commit fdd0cd0
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 4 deletions.
10 changes: 7 additions & 3 deletions pkg/cluster/cert.go
Original file line number Diff line number Diff line change
Expand Up @@ -123,7 +123,7 @@ func generateCertificate(addr string) ([]byte, []byte, error) {
}

// PropagateDefaultIngressCertificate copies ingress cert secrets from openshift-ingress ns to given namespace.
func PropagateDefaultIngressCertificate(ctx context.Context, c client.Client, secretName, namespace string) error {
func PropagateDefaultIngressCertificate(ctx context.Context, c client.Client, secretName, namespace string, metaOptions ...MetaOptions) error {
// Add IngressController to scheme
runtime.Must(operatorv1.Install(c.Scheme()))
defaultIngressCtrl, err := FindAvailableIngressController(ctx, c)
Expand All @@ -138,7 +138,7 @@ func PropagateDefaultIngressCertificate(ctx context.Context, c client.Client, se
return err
}

return copySecretToNamespace(ctx, c, defaultIngressSecret, secretName, namespace)
return copySecretToNamespace(ctx, c, defaultIngressSecret, secretName, namespace, metaOptions...)
}

func FindAvailableIngressController(ctx context.Context, c client.Client) (*operatorv1.IngressController, error) {
Expand Down Expand Up @@ -167,7 +167,7 @@ func GetSecret(ctx context.Context, c client.Client, namespace, name string) (*c
return secret, nil
}

func copySecretToNamespace(ctx context.Context, c client.Client, secret *corev1.Secret, newSecretName, namespace string) error {
func copySecretToNamespace(ctx context.Context, c client.Client, secret *corev1.Secret, newSecretName, namespace string, opts ...MetaOptions) error {
newSecret := &corev1.Secret{
ObjectMeta: metav1.ObjectMeta{
Name: newSecretName,
Expand All @@ -176,9 +176,13 @@ func copySecretToNamespace(ctx context.Context, c client.Client, secret *corev1.
Data: secret.Data,
Type: secret.Type,
}
if err := ApplyMetaOptions(newSecret, opts...); err != nil {
return err
}
if err := generateCertSecret(ctx, c, newSecret, newSecretName, namespace); err != nil {
return fmt.Errorf("failed to deploy default cert secret to namespace %s: %w", namespace, err)
}

return nil
}

Expand Down
2 changes: 1 addition & 1 deletion pkg/feature/serverless/resources.go
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ func ServingCertificateResource(ctx context.Context, f *feature.Feature) error {
case infrav1.Provided:
return nil
default:
return cluster.PropagateDefaultIngressCertificate(ctx, f.Client, secretData.Name, secretData.Namespace)
return cluster.PropagateDefaultIngressCertificate(ctx, f.Client, secretData.Name, secretData.Namespace, feature.OwnedBy(f))
}
}

Expand Down

0 comments on commit fdd0cd0

Please sign in to comment.