DevFW-CICD/ingress-nginx-helm
16
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

GCE pre-shared cert fixes (#395)

Browse source 
* pick up changes to the external cert referenced by lb

* less prone way to check if cert should be deleted
This commit is contained in:
Tony Li 2017-03-07 18:05:21 -05:00 committed by Nick Sardo
parent e1d1445370
commit 7000924dc5
1 changed files with 2 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
controllers/gce/loadbalancers/loadbalancers.go
View file

@ -356,11 +356,6 @@ func (l *L7) checkSSLCert() (err error) {
// Use the named GCE cert when it is specified by the annotation. // Use the named GCE cert when it is specified by the annotation.
if certName != "" { if certName != "" {
// Use the targetHTTPSProxy's cert name if it already has one set.
if l.sslCert != nil {
certName = l.sslCert.Name
}
// Ask GCE for the cert, checking for problems and existence. // Ask GCE for the cert, checking for problems and existence.
cert, err := l.cloud.GetSslCertificate(certName) cert, err := l.cloud.GetSslCertificate(certName)
if err != nil { if err != nil {
@ -871,8 +866,8 @@ func (l *L7) Cleanup() error {
} }
l.tps = nil l.tps = nil
} }
// Delete the SSL cert if it is not a pre-created GCE cert. // Delete the SSL cert if it is from a secret, not referencing a pre-created GCE cert.
if l.sslCert != nil && l.sslCert.Name != l.runtimeInfo.TLSName { if l.sslCert != nil && l.runtimeInfo.TLSName == "" {
glog.Infof("Deleting sslcert %v", l.sslCert.Name) glog.Infof("Deleting sslcert %v", l.sslCert.Name)
if err := l.cloud.DeleteSslCertificate(l.sslCert.Name); err != nil { if err := l.cloud.DeleteSslCertificate(l.sslCert.Name); err != nil {
if !utils.IsHTTPErrorCode(err, http.StatusNotFound) { if !utils.IsHTTPErrorCode(err, http.StatusNotFound) {