kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Make funcs private and remove dead code

This commit is contained in:
John Gardiner Myers 2020-05-09 22:38:10 -07:00
parent e0c32a3fae
commit ae667a94c5
2 changed files with 7 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
upup/pkg/fi/clientset_castore.go
View File

@ -334,8 +334,7 @@ func (c *ClientsetCAStore) ListSSHCredentials() ([]*kops.SSHCredential, error) {
return items, nil return items, nil
} }
// IssueCert implements CAStore::IssueCert func (c *ClientsetCAStore) issueCert(signer string, name string, serial *big.Int, privateKey *pki.PrivateKey, template *x509.Certificate) (*pki.Certificate, error) {
func (c *ClientsetCAStore) IssueCert(signer string, name string, serial *big.Int, privateKey *pki.PrivateKey, template *x509.Certificate) (*pki.Certificate, error) {
ctx := context.TODO() ctx := context.TODO()
klog.Infof("Issuing new certificate: %q", name) klog.Infof("Issuing new certificate: %q", name)
@ -449,7 +448,7 @@ func (c *ClientsetCAStore) FindPrivateKeyset(name string) (*kops.Keyset, error)
func (c *ClientsetCAStore) CreateKeypair(signer string, id string, template *x509.Certificate, privateKey *pki.PrivateKey) (*pki.Certificate, error) { func (c *ClientsetCAStore) CreateKeypair(signer string, id string, template *x509.Certificate, privateKey *pki.PrivateKey) (*pki.Certificate, error) {
serial := c.buildSerial() serial := c.buildSerial()
cert, err := c.IssueCert(signer, id, serial, privateKey, template) cert, err := c.issueCert(signer, id, serial, privateKey, template)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -488,8 +487,8 @@ func (c *ClientsetCAStore) addKey(ctx context.Context, name string, keysetType k
return nil return nil
} }
// DeleteKeysetItem deletes the specified key from the registry; deleting the whole keyset if it was the last one // deleteKeysetItem deletes the specified key from the registry; deleting the whole keyset if it was the last one
func DeleteKeysetItem(client kopsinternalversion.KeysetInterface, name string, keysetType kops.KeysetType, id string) error { func deleteKeysetItem(client kopsinternalversion.KeysetInterface, name string, keysetType kops.KeysetType, id string) error {
ctx := context.TODO() ctx := context.TODO()
keyset, err := client.Get(ctx, name, metav1.GetOptions{}) keyset, err := client.Get(ctx, name, metav1.GetOptions{})
@ -637,7 +636,7 @@ func (c *ClientsetCAStore) DeleteKeysetItem(item *kops.Keyset, id string) error
switch item.Spec.Type { switch item.Spec.Type {
case kops.SecretTypeKeypair: case kops.SecretTypeKeypair:
client := c.clientset.Keysets(c.namespace) client := c.clientset.Keysets(c.namespace)
return DeleteKeysetItem(client, item.Name, kops.SecretTypeKeypair, id) return deleteKeysetItem(client, item.Name, kops.SecretTypeKeypair, id)
default: default:
// Primarily because we need to make sure users can recreate them! // Primarily because we need to make sure users can recreate them!
return fmt.Errorf("deletion of keystore items of type %v not (yet) supported", item.Spec.Type) return fmt.Errorf("deletion of keystore items of type %v not (yet) supported", item.Spec.Type)

20
upup/pkg/fi/vfs_castore.go
View File

@ -19,7 +19,6 @@ package fi
import ( import (
"bytes" "bytes"
"crypto/x509" "crypto/x509"
"crypto/x509/pkix"
"fmt" "fmt"
"math/big" "math/big"
"os" "os"
@ -132,21 +131,6 @@ func (s *VFSCAStore) readCAKeypairs(id string) (*keyset, *keyset, error) {
} }
func BuildCAX509Template() *x509.Certificate {
subject := &pkix.Name{
CommonName: "kubernetes",
}
template := &x509.Certificate{
Subject: *subject,
KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
ExtKeyUsage: []x509.ExtKeyUsage{},
BasicConstraintsValid: true,
IsCA: true,
}
return template
}
func (c *VFSCAStore) buildCertificatePoolPath(name string) vfs.Path { func (c *VFSCAStore) buildCertificatePoolPath(name string) vfs.Path {
return c.basedir.Join("issued", name) return c.basedir.Join("issued", name)
} }
@ -671,7 +655,7 @@ func mirrorSSHCredential(cluster *kops.Cluster, basedir vfs.Path, sshCredential
return nil return nil
} }
func (c *VFSCAStore) IssueCert(signer string, id string, serial *big.Int, privateKey *pki.PrivateKey, template *x509.Certificate) (*pki.Certificate, error) { func (c *VFSCAStore) issueCert(signer string, id string, serial *big.Int, privateKey *pki.PrivateKey, template *x509.Certificate) (*pki.Certificate, error) {
klog.Infof("Issuing new certificate: %q", id) klog.Infof("Issuing new certificate: %q", id)
template.SerialNumber = serial template.SerialNumber = serial
@ -884,7 +868,7 @@ func (c *VFSCAStore) FindPrivateKeyset(name string) (*kops.Keyset, error) {
func (c *VFSCAStore) CreateKeypair(signer string, id string, template *x509.Certificate, privateKey *pki.PrivateKey) (*pki.Certificate, error) { func (c *VFSCAStore) CreateKeypair(signer string, id string, template *x509.Certificate, privateKey *pki.PrivateKey) (*pki.Certificate, error) {
serial := c.SerialGenerator() serial := c.SerialGenerator()
cert, err := c.IssueCert(signer, id, serial, privateKey, template) cert, err := c.issueCert(signer, id, serial, privateKey, template)
if err != nil { if err != nil {
return nil, err return nil, err
} }