Skip to content

Commit 0987288

Browse files
author
Martin Jackson
committed
Fix creation of manifestwork
1 parent b623d74 commit 0987288

1 file changed

Lines changed: 6 additions & 15 deletions

File tree

files/gather-and-distribute-ca.sh

Lines changed: 6 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -349,25 +349,14 @@ patch_proxy_trusted_ca() {
349349
log "Proxy trustedCA set on ${label}"
350350
}
351351

352-
bundle_to_single_line_b64() {
353-
local bundle="$1"
354-
local out="$2"
355-
if openssl base64 -A -in "$bundle" -out "$out" 2>/dev/null; then
356-
return 0
357-
fi
358-
{ base64 <"$bundle" 2>/dev/null || base64 "$bundle"; } | tr -d '\n' >"$out"
359-
}
360-
361352
# One ManifestWork per cluster so workload.manifests apply in list order: optional klusterlet RBAC,
362353
# then ConfigMap, then Proxy (ConfigMap must exist before Proxy references it). Two separate
363354
# ManifestWorks can reconcile out of order and leave spec.trustedCA unset or rejected on the spoke.
364355
apply_manifestwork_spoke_rollout() {
365356
local cluster="$1"
366357
local bundle="$2"
367-
local b64file="$WORK_DIR/mw-${cluster}.b64"
368-
bundle_to_single_line_b64 "$bundle" "$b64file"
369-
local b64
370-
b64="$(cat "$b64file")"
358+
local bundle_block
359+
bundle_block="$(sed 's/^/ /' "$bundle")"
371360
local tmp="$WORK_DIR/mw-${cluster}.yaml"
372361
local rbac_block=""
373362
local log_suffix=""
@@ -430,7 +419,8 @@ ${rbac_block}
430419
name: ${CONFIG_MAP_NAME}
431420
namespace: ${TARGET_NAMESPACE}
432421
data:
433-
ca-bundle.crt: "${b64}"
422+
ca-bundle.crt: |
423+
${bundle_block}
434424
- apiVersion: config.openshift.io/v1
435425
kind: Proxy
436426
metadata:
@@ -456,7 +446,8 @@ spec:
456446
name: ${CONFIG_MAP_NAME}
457447
namespace: ${TARGET_NAMESPACE}
458448
data:
459-
ca-bundle.crt: "${b64}"
449+
ca-bundle.crt: |
450+
${bundle_block}
460451
EOF
461452
log "ManifestWork ${cluster}/${MANIFEST_WORK_NAME} apply (ConfigMap only)"
462453
fi

0 commit comments

Comments
 (0)