DevFW-CICD/backstage-edp
12
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

Adding certificates to kubeconfig only skipTLSVerify false

Browse source 
Signed-off-by: Mani Kumar Marothu <ama47116@manis-mbp.lan>
Signed-off-by: Mani Marothu <manikumar.1215@gmail.com>
This commit is contained in:
Mani Kumar Marothu 2024-09-03 10:27:13 -07:00 committed by Mani Marothu
parent 38f8054fb5
commit b2eac39a4b
1 changed files with 4 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
packages/backend/src/plugins/k8s-apply.ts
View file

@ -106,10 +106,6 @@ export const createKubernetesApply = (config: Config) => {
{
name: ctx.input.clusterName,
cluster: {
'certificate-authority-data':
targetCluster.getOptionalString('caData'),
'certificate-authority':
targetCluster.getOptionalString('caFile'),
server: targetCluster.getString('url'),
'insecure-skip-tls-verify':
!!targetCluster.getOptionalBoolean('skipTLSVerify'),
@ -125,10 +121,7 @@ export const createKubernetesApply = (config: Config) => {
},
],
};
if(confFile.clusters[0].cluster['insecure-skip-tls-verify']) {
// Remove certificate-authority-data from Conffile
delete confFile.clusters[0].cluster['certificate-authority-data']
} else {
if(!confFile.clusters[0].cluster['insecure-skip-tls-verify']) {
let caDataRaw = targetCluster.getOptionalString('caData');
if (caDataRaw?.startsWith('-----BEGIN CERTIFICATE-----')) {
caDataRaw = Buffer.from(
@ -136,8 +129,10 @@ export const createKubernetesApply = (config: Config) => {
'utf8',
).toString('base64');
}
confFile.clusters[0].cluster['certificate-authority-data'] =
(confFile.clusters[0].cluster as any)['certificate-authority-data'] =
caDataRaw;
(confFile.clusters[0].cluster as any)['certificate-authority'] =
targetCluster.getOptionalString('caFile');
}
const confString = dumpYaml(confFile);
const confFilePath = resolveSafeChildPath(ctx.workspacePath, 'config');