diff options
| author | Dylan Griffith <dyl.griffith@gmail.com> | 2018-06-15 14:58:13 +0200 |
|---|---|---|
| committer | Dylan Griffith <dyl.griffith@gmail.com> | 2018-06-15 14:58:13 +0200 |
| commit | ad39489e063bfe24389e986c773b465da3e60f35 (patch) | |
| tree | b9e42e7c602b287df7890956a1694d775128ccce | |
| parent | d2587768890ff7f9c2966068923bddf175d696ef (diff) | |
| download | gitlab-ce-29398-add-mutual-tls-to-tiller-for-gitlab-managed-apps.tar.gz | |
WIP: fix cert newline issues with tiller by base64 encoding29398-add-mutual-tls-to-tiller-for-gitlab-managed-apps
| -rw-r--r-- | app/models/clusters/applications/helm.rb | 6 | ||||
| -rw-r--r-- | app/models/clusters/applications/ingress.rb | 6 | ||||
| -rw-r--r-- | lib/gitlab/kubernetes/helm/init_command.rb | 6 | ||||
| -rw-r--r-- | lib/gitlab/kubernetes/helm/install_command.rb | 6 |
4 files changed, 12 insertions, 12 deletions
diff --git a/app/models/clusters/applications/helm.rb b/app/models/clusters/applications/helm.rb index 8f953d1dd60..e63d6c27cdf 100644 --- a/app/models/clusters/applications/helm.rb +++ b/app/models/clusters/applications/helm.rb @@ -111,9 +111,9 @@ module Clusters def extra_env { - "CA_CERT" => ca_cert, - "TILLER_CERT" => server_cert, - "TILLER_KEY" => server_key, + "CA_CERT" => Base64.encode64(ca_cert), + "TILLER_CERT" => Base64.encode64(server_cert), + "TILLER_KEY" => Base64.encode64(server_key), } end diff --git a/app/models/clusters/applications/ingress.rb b/app/models/clusters/applications/ingress.rb index f703aae0813..5ab1b293672 100644 --- a/app/models/clusters/applications/ingress.rb +++ b/app/models/clusters/applications/ingress.rb @@ -48,9 +48,9 @@ module Clusters def extra_env { - "CA_CERT" => cluster.application_helm.ca_cert, - "HELM_CERT" => cluster.application_helm.client_cert, - "HELM_KEY" => cluster.application_helm.client_key, + "CA_CERT" => Base64.encode64(cluster.application_helm.ca_cert), + "HELM_CERT" => Base64.encode64(cluster.application_helm.client_cert), + "HELM_KEY" => Base64.encode64(cluster.application_helm.client_key), } end end diff --git a/lib/gitlab/kubernetes/helm/init_command.rb b/lib/gitlab/kubernetes/helm/init_command.rb index 0cbd59a5f6f..c27e0962fff 100644 --- a/lib/gitlab/kubernetes/helm/init_command.rb +++ b/lib/gitlab/kubernetes/helm/init_command.rb @@ -12,9 +12,9 @@ module Gitlab def init_helm_command <<~CMD - echo $CA_CERT > ca.cert.pem - echo $TILLER_CERT > tiller.cert.pem - echo $TILLER_KEY > tiller.key.pem + echo $CA_CERT | base64 -d > ca.cert.pem + echo $TILLER_CERT | base64 -d > tiller.cert.pem + echo $TILLER_KEY | base64 -d > tiller.key.pem helm init --tiller-tls --tiller-tls-cert ./tiller.cert.pem --tiller-tls-key ./tiller.key.pem --tiller-tls-verify --tls-ca-cert ca.cert.pem >/dev/null CMD end diff --git a/lib/gitlab/kubernetes/helm/install_command.rb b/lib/gitlab/kubernetes/helm/install_command.rb index 2a703a390d8..20158fa73e6 100644 --- a/lib/gitlab/kubernetes/helm/install_command.rb +++ b/lib/gitlab/kubernetes/helm/install_command.rb @@ -26,9 +26,9 @@ module Gitlab def configure_certs_command <<~CMD mkdir $(helm home) - echo $CA_CERT > $(helm home)/ca.pem - echo $TILLER_CERT > $(helm home)/cert.pem - echo $TILLER_KEY > $(helm home)/key.pem + echo $CA_CERT | base64 -d > $(helm home)/ca.pem + echo $HELM_CERT | base64 -d > $(helm home)/cert.pem + echo $HELM_KEY | base64 -d > $(helm home)/key.pem CMD end |