From c4307b8e78ea54b69e799d4404b3286d20967b5d Mon Sep 17 00:00:00 2001 From: Ricardo Pchevuzinske Katz Date: Tue, 24 Jan 2017 10:32:00 -0200 Subject: [PATCH] Creates the SSL Temp directory inside the Default SSL Directory --- core/pkg/ingress/controller/launch.go | 2 ++ core/pkg/ingress/types.go | 1 + core/pkg/net/ssl/ssl.go | 2 +- 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/core/pkg/ingress/controller/launch.go b/core/pkg/ingress/controller/launch.go index a1f325d4f..8a0e67ee2 100644 --- a/core/pkg/ingress/controller/launch.go +++ b/core/pkg/ingress/controller/launch.go @@ -132,6 +132,8 @@ func NewIngressController(backend ingress.Controller) *GenericController { } os.MkdirAll(ingress.DefaultSSLDirectory, 0655) + // Creates a temp directory for Certificates, as 'rename' functions need to be in the same mount point as the Certificates + os.MkdirAll(ingress.TempSSLDirectory,0655) config := &Configuration{ UpdateStatus: *updateStatus, diff --git a/core/pkg/ingress/types.go b/core/pkg/ingress/types.go index 4891995e7..f1b82c506 100644 --- a/core/pkg/ingress/types.go +++ b/core/pkg/ingress/types.go @@ -36,6 +36,7 @@ var ( // The name of each file is -.pem. The content is the concatenated // certificate and key. DefaultSSLDirectory = "/ingress-controller/ssl" + TempSSLDirectory = "/ingress-controller/ssl/temp" ) // Controller holds the methods to handle an Ingress backend diff --git a/core/pkg/net/ssl/ssl.go b/core/pkg/net/ssl/ssl.go index 14a6fbef3..b8aef4b5a 100644 --- a/core/pkg/net/ssl/ssl.go +++ b/core/pkg/net/ssl/ssl.go @@ -36,7 +36,7 @@ func AddOrUpdateCertAndKey(name string, cert, key, ca []byte) (*ingress.SSLCert, pemName := fmt.Sprintf("%v.pem", name) pemFileName := fmt.Sprintf("%v/%v", ingress.DefaultSSLDirectory, pemName) - tempPemFile, err := ioutil.TempFile("", pemName) + tempPemFile, err := ioutil.TempFile(ingress.TempSSLDirectory, pemName) if err != nil { return nil, fmt.Errorf("could not create temp pem file %v: %v", tempPemFile.Name(), err) }