Merge pull request #11397 from johngmyers/no-discoverystore

Don't publish OIDC discovery if DiscoveryStore not set
2021-05-07 03:11:10 -07:00 · 2021-05-07 03:11:10 -07:00 · bdc4d6ab5b
parent 5d6e7fc000 8bac63f951
commit bdc4d6ab5b
2 changed files with 2 additions and 2 deletions
--- a/pkg/apis/kops/validation/legacy.go
+++ b/pkg/apis/kops/validation/legacy.go
@ -374,7 +374,7 @@ func ValidateCluster(c *kops.Cluster, strict bool) field.ErrorList {
 	}

 	said := c.Spec.ServiceAccountIssuerDiscovery
-	if said != nil {
+	if said != nil && said.DiscoveryStore != "" {
 		saidStore := said.DiscoveryStore
 		saidStoreField := fieldSpec.Child("serviceAccountIssuerDiscovery", "discoveryStore")
 		base, err := vfs.Context.BuildVfsPath(saidStore)
--- a/pkg/model/issuerdiscovery.go
+++ b/pkg/model/issuerdiscovery.go
@ -53,7 +53,7 @@ type oidcDiscovery struct {

 func (b *IssuerDiscoveryModelBuilder) Build(c *fi.ModelBuilderContext) error {
 	said := b.Cluster.Spec.ServiceAccountIssuerDiscovery
-	if said == nil {
+	if said == nil || said.DiscoveryStore == "" {
 		return nil
 	}