[openwhisk-deploy-kube] branch master updated: make genCerts job not fail if nginx secret already exists (#555)

Wed, 18 Dec 2019 11:53:42 -0800 

This is an automated email from the ASF dual-hosted git repository.

dgrove pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/openwhisk-deploy-kube.git


The following commit(s) were added to refs/heads/master by this push:
     new cea3488  make genCerts job not fail if nginx secret already exists 
(#555)
cea3488 is described below

commit cea348821039783d3ca9db7d54b3012026d47c6b
Author: David Grove <[email protected]>
AuthorDate: Wed Dec 18 14:52:52 2019 -0500

    make genCerts job not fail if nginx secret already exists (#555)
    
    Only create the tls secret if it doesn't already exist.
    This avoids repeated job failures if the chart is being
    deployed multiple times in the same namespace without
    the namespace thoroughly cleaned.
---
 helm/openwhisk/configMapFiles/genCerts/gencerts.sh | 10 +++++++---
 helm/openwhisk/templates/init-role.yaml            |  2 +-
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/helm/openwhisk/configMapFiles/genCerts/gencerts.sh 
b/helm/openwhisk/configMapFiles/genCerts/gencerts.sh
index 8db6236..b5dbb19 100755
--- a/helm/openwhisk/configMapFiles/genCerts/gencerts.sh
+++ b/helm/openwhisk/configMapFiles/genCerts/gencerts.sh
@@ -15,7 +15,11 @@
 # limitations under the License.
 #
 
-genssl.sh "*.$WHISK_API_HOST_NAME" server /cert-gen
-
-kubectl create secret tls $NGINX_CERT_SECRET 
--cert=/cert-gen/openwhisk-server-cert.pem 
--key=/cert-gen/openwhisk-server-key.pem
+if kubectl get secret $NGINX_CERT_SECRET; then
+    echo "using existing $NGINX_CERT_SECRET secret"
+else
+    echo "generating new $NGINX_CERT_SECRET secret"
+    genssl.sh "*.$WHISK_API_HOST_NAME" server /cert-gen
+    kubectl create secret tls $NGINX_CERT_SECRET 
--cert=/cert-gen/openwhisk-server-cert.pem 
--key=/cert-gen/openwhisk-server-key.pem
+fi
 
diff --git a/helm/openwhisk/templates/init-role.yaml 
b/helm/openwhisk/templates/init-role.yaml
index 51db340..a6305ef 100644
--- a/helm/openwhisk/templates/init-role.yaml
+++ b/helm/openwhisk/templates/init-role.yaml
@@ -25,5 +25,5 @@ metadata:
 rules:
 - apiGroups: [""]
   resources: ["secrets", "configmaps"]
-  verbs: ["create"]
+  verbs: ["create", "get"]

Reply via email to