Merge pull request #2155 from jubittajohn/fix-makeServerCert-call

OCPBUGS-62792: Fix self-signed serving cert using 30ns lifetime instead of 30 days

Author: openshift-merge-bot[bot]

pkg/controller/controllercmd/cmd.go

@@ -3,12 +3,13 @@ package controllercmd
 import (
 	"context"
 	"fmt"
-	"k8s.io/utils/clock"
 	"math/rand"
 	"os"
 	"path/filepath"
 	"time"
 
+	"k8s.io/utils/clock"
+
 	"github.com/spf13/cobra"
 	"k8s.io/apiserver/pkg/server/healthz"
 
@@ -280,7 +281,7 @@ func (c *ControllerCommandConfig) AddDefaultRotationToConfig(config *operatorv1a
 			config.ServingInfo.CertFile = filepath.Join(temporaryCertDir, "tls.crt")
 			config.ServingInfo.KeyFile = filepath.Join(temporaryCertDir, "tls.key")
 			// nothing can trust this, so we don't really care about hostnames
-			servingCert, err := ca.MakeServerCert(sets.New("localhost"), 30)
+			servingCert, err := ca.MakeServerCert(sets.New("localhost"), time.Hour*24*30)
 			if err != nil {
 				return nil, nil, err
 			}