improved cert path management
cjimti committed Jul 20, 2023
1 parent c2b428f commit a10e5d3
Showing 2 changed files with 7 additions and 8 deletions.
2 changes: 1 addition & 1 deletion README.md
@@ -70,7 +70,7 @@ kubectl apply -f ./k8s/00-namespace.yml
Create Certificate as Kubernets Secret in the new `amp-system` Namespace:

```shell script
curl https://raw.githubusercontent.com/morvencao/kube-mutating-webhook-tutorial/master/deployment/webhook-create-signed-cert.sh -o cert-gen.sh
curl https://raw.githubusercontent.com/IBM/istio101/master/presentation/scripts/install/kubernetes/webhook-create-signed-cert.sh -o cert-gen.sh

chmod 775 cert-gen.sh

13 changes: 6 additions & 7 deletions cmd/amp.go
@@ -34,7 +34,8 @@ var (
modeEnv = getEnv("MODE", "release")
httpReadTimeoutEnv = getEnv("HTTP_READ_TIMEOUT", "10")
httpWriteTimeoutEnv = getEnv("HTTP_WRITE_TIMEOUT", "10")
certPathEnv = getEnv("CERT_PATH", "")
certPathCrtEnv = getEnv("CERT_PATH_CRT", "/cert/tls.crt")
certPathKeyEnv = getEnv("CERT_PATH_KEY", "/cert/tls.key")
mutationEpAnnotationEnv = getEnv("MUTATION_EP_ANNOTATION", "mutation.amp.txn2.com/ep")
validationEpAnnotationEnv = getEnv("VALIDATION_EP_ANNOTATION", "validation.amp.txn2.com/ep")
)
@@ -74,7 +75,8 @@ func main() {
var (
ip = flag.String("ip", ipEnv, "Server IP address to bind to.")
port = flag.String("port", portEnv, "Server port.")
certPath = flag.String("certPath", certPathEnv, "Cert path. If populated will serve TLS.")
certPathCrt = flag.String("certPathCrt", certPathCrtEnv, "Cert path tls.crt. If populated along with certPathKey will serve TLS.")
certPathKey = flag.String("certPathKey", certPathKeyEnv, "Cert path tls.key. If populated along with certPathCrt will serve TLS.")
metricsPort = flag.String("metricsPort", metricsPortEnv, "Metrics port.")
mode = flag.String("mode", modeEnv, "debug or release")
httpReadTimeout = flag.Int("httpReadTimeout", httpReadTimeoutInt, "HTTP read timeout")
@@ -216,11 +218,8 @@ func main() {
MaxHeaderBytes: 1 << 20, // 1 MB
}

if *certPath != "" {
certFile := *certPath + "/cert.pem"
keyFile := *certPath + "/key.pem"

err = s.ListenAndServeTLS(certFile, keyFile)
if *certPathKey != "" && *certPathCrt != "" {
err = s.ListenAndServeTLS(*certPathCrt, *certPathKey)
if err != nil {
logger.Fatal(err.Error())
}
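Review bot: In the last hunk, `if *certPathKey != "" && *certPathCrt != ""` treats a half-configured pair the same as "no TLS requested", so clearing only one of the two values skips `ListenAndServeTLS` and presumably falls through to a non-TLS listener (that branch is not visible; `main` starts and ends outside the hunks). For what appears to be an admission-webhook server, that silent downgrade is better rejected up front, e.g. `if (*certPathCrt == "") != (*certPathKey == "") { logger.Fatal("certPathCrt and certPathKey must be set together") }` placed before the check. Both defaults are also now non-empty (`/cert/tls.crt`, `/cert/tls.key`), so TLS is attempted by default and a missing file ends in `logger.Fatal`. The old `CERT_PATH` / `-certPath` setting is no longer read, and deployments still passing it deserve a migration note in the README.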