You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by as...@apache.org on 2021/03/30 17:20:51 UTC
[camel-k] 09/20: chore: Rename Maven CA Secret field
This is an automated email from the ASF dual-hosted git repository.
astefanutti pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/camel-k.git
commit ee8e20b6962121ed5f82a70a5a138f4568565252
Author: Antonin Stefanutti <an...@stefanutti.fr>
AuthorDate: Fri Mar 26 15:54:56 2021 +0100
chore: Rename Maven CA Secret field
---
config/crd/bases/camel.apache.org_builds.yaml | 14 +++++++----
.../camel.apache.org_integrationplatforms.yaml | 28 ++++++++++++----------
.../1.4.0-snapshot/camel.apache.org_builds.yaml | 14 +++++++----
.../camel.apache.org_integrationplatforms.yaml | 28 ++++++++++++----------
helm/camel-k/crds/crd-build.yaml | 14 +++++++----
helm/camel-k/crds/crd-integration-platform.yaml | 28 ++++++++++++----------
pkg/apis/camel/v1/common_types.go | 13 ++++++----
pkg/apis/camel/v1/zz_generated.deepcopy.go | 4 ++--
pkg/builder/project.go | 4 ++--
pkg/resources/resources.go | 8 +++----
pkg/trait/openapi.go | 4 ++--
pkg/util/camel/catalog.go | 4 ++--
pkg/util/jvm/keystore.go | 2 +-
13 files changed, 96 insertions(+), 69 deletions(-)
diff --git a/config/crd/bases/camel.apache.org_builds.yaml b/config/crd/bases/camel.apache.org_builds.yaml
index 0ddd9ed..24000ef 100644
--- a/config/crd/bases/camel.apache.org_builds.yaml
+++ b/config/crd/bases/camel.apache.org_builds.yaml
@@ -127,12 +127,16 @@ spec:
maven:
description: MavenSpec --
properties:
- caCert:
- description: The Secret key containing the CA certificate
- used to connect to remote repositories. A JKS formatted
+ caSecret:
+ description: The Secret name and key, containing the
+ CA certificate(s) used to connect to remote Maven
+ repositories. It can contain X.509 certificates, and
+ PKCS#7 formatted certificate chains. A JKS formatted
keystore is automatically created to store the CA
- certificate, and configured to be used as a trusted
- certificate by the Maven command.
+ certificate(s), and configured to be used as a trusted
+ certificate(s) by the Maven commands. Note that the
+ root CA certificates are also imported into the created
+ keystore.
properties:
key:
description: The key of the secret to select from. Must
diff --git a/config/crd/bases/camel.apache.org_integrationplatforms.yaml b/config/crd/bases/camel.apache.org_integrationplatforms.yaml
index bf34421..bdf0044 100644
--- a/config/crd/bases/camel.apache.org_integrationplatforms.yaml
+++ b/config/crd/bases/camel.apache.org_integrationplatforms.yaml
@@ -81,12 +81,14 @@ spec:
maven:
description: MavenSpec --
properties:
- caCert:
- description: The Secret key containing the CA certificate
- used to connect to remote repositories. A JKS formatted
- keystore is automatically created to store the CA certificate,
- and configured to be used as a trusted certificate by the
- Maven command.
+ caSecret:
+ description: The Secret name and key, containing the CA certificate(s)
+ used to connect to remote Maven repositories. It can contain
+ X.509 certificates, and PKCS#7 formatted certificate chains.
+ A JKS formatted keystore is automatically created to store
+ the CA certificate(s), and configured to be used as a trusted
+ certificate(s) by the Maven commands. Note that the root
+ CA certificates are also imported into the created keystore.
properties:
key:
description: The key of the secret to select from. Must
@@ -251,12 +253,14 @@ spec:
maven:
description: MavenSpec --
properties:
- caCert:
- description: The Secret key containing the CA certificate
- used to connect to remote repositories. A JKS formatted
- keystore is automatically created to store the CA certificate,
- and configured to be used as a trusted certificate by the
- Maven command.
+ caSecret:
+ description: The Secret name and key, containing the CA certificate(s)
+ used to connect to remote Maven repositories. It can contain
+ X.509 certificates, and PKCS#7 formatted certificate chains.
+ A JKS formatted keystore is automatically created to store
+ the CA certificate(s), and configured to be used as a trusted
+ certificate(s) by the Maven commands. Note that the root
+ CA certificates are also imported into the created keystore.
properties:
key:
description: The key of the secret to select from. Must
diff --git a/deploy/olm-catalog/camel-k-dev/1.4.0-snapshot/camel.apache.org_builds.yaml b/deploy/olm-catalog/camel-k-dev/1.4.0-snapshot/camel.apache.org_builds.yaml
index 0ddd9ed..24000ef 100644
--- a/deploy/olm-catalog/camel-k-dev/1.4.0-snapshot/camel.apache.org_builds.yaml
+++ b/deploy/olm-catalog/camel-k-dev/1.4.0-snapshot/camel.apache.org_builds.yaml
@@ -127,12 +127,16 @@ spec:
maven:
description: MavenSpec --
properties:
- caCert:
- description: The Secret key containing the CA certificate
- used to connect to remote repositories. A JKS formatted
+ caSecret:
+ description: The Secret name and key, containing the
+ CA certificate(s) used to connect to remote Maven
+ repositories. It can contain X.509 certificates, and
+ PKCS#7 formatted certificate chains. A JKS formatted
keystore is automatically created to store the CA
- certificate, and configured to be used as a trusted
- certificate by the Maven command.
+ certificate(s), and configured to be used as a trusted
+ certificate(s) by the Maven commands. Note that the
+ root CA certificates are also imported into the created
+ keystore.
properties:
key:
description: The key of the secret to select from. Must
diff --git a/deploy/olm-catalog/camel-k-dev/1.4.0-snapshot/camel.apache.org_integrationplatforms.yaml b/deploy/olm-catalog/camel-k-dev/1.4.0-snapshot/camel.apache.org_integrationplatforms.yaml
index bf34421..bdf0044 100644
--- a/deploy/olm-catalog/camel-k-dev/1.4.0-snapshot/camel.apache.org_integrationplatforms.yaml
+++ b/deploy/olm-catalog/camel-k-dev/1.4.0-snapshot/camel.apache.org_integrationplatforms.yaml
@@ -81,12 +81,14 @@ spec:
maven:
description: MavenSpec --
properties:
- caCert:
- description: The Secret key containing the CA certificate
- used to connect to remote repositories. A JKS formatted
- keystore is automatically created to store the CA certificate,
- and configured to be used as a trusted certificate by the
- Maven command.
+ caSecret:
+ description: The Secret name and key, containing the CA certificate(s)
+ used to connect to remote Maven repositories. It can contain
+ X.509 certificates, and PKCS#7 formatted certificate chains.
+ A JKS formatted keystore is automatically created to store
+ the CA certificate(s), and configured to be used as a trusted
+ certificate(s) by the Maven commands. Note that the root
+ CA certificates are also imported into the created keystore.
properties:
key:
description: The key of the secret to select from. Must
@@ -251,12 +253,14 @@ spec:
maven:
description: MavenSpec --
properties:
- caCert:
- description: The Secret key containing the CA certificate
- used to connect to remote repositories. A JKS formatted
- keystore is automatically created to store the CA certificate,
- and configured to be used as a trusted certificate by the
- Maven command.
+ caSecret:
+ description: The Secret name and key, containing the CA certificate(s)
+ used to connect to remote Maven repositories. It can contain
+ X.509 certificates, and PKCS#7 formatted certificate chains.
+ A JKS formatted keystore is automatically created to store
+ the CA certificate(s), and configured to be used as a trusted
+ certificate(s) by the Maven commands. Note that the root
+ CA certificates are also imported into the created keystore.
properties:
key:
description: The key of the secret to select from. Must
diff --git a/helm/camel-k/crds/crd-build.yaml b/helm/camel-k/crds/crd-build.yaml
index 0ddd9ed..24000ef 100644
--- a/helm/camel-k/crds/crd-build.yaml
+++ b/helm/camel-k/crds/crd-build.yaml
@@ -127,12 +127,16 @@ spec:
maven:
description: MavenSpec --
properties:
- caCert:
- description: The Secret key containing the CA certificate
- used to connect to remote repositories. A JKS formatted
+ caSecret:
+ description: The Secret name and key, containing the
+ CA certificate(s) used to connect to remote Maven
+ repositories. It can contain X.509 certificates, and
+ PKCS#7 formatted certificate chains. A JKS formatted
keystore is automatically created to store the CA
- certificate, and configured to be used as a trusted
- certificate by the Maven command.
+ certificate(s), and configured to be used as a trusted
+ certificate(s) by the Maven commands. Note that the
+ root CA certificates are also imported into the created
+ keystore.
properties:
key:
description: The key of the secret to select from. Must
diff --git a/helm/camel-k/crds/crd-integration-platform.yaml b/helm/camel-k/crds/crd-integration-platform.yaml
index bf34421..bdf0044 100644
--- a/helm/camel-k/crds/crd-integration-platform.yaml
+++ b/helm/camel-k/crds/crd-integration-platform.yaml
@@ -81,12 +81,14 @@ spec:
maven:
description: MavenSpec --
properties:
- caCert:
- description: The Secret key containing the CA certificate
- used to connect to remote repositories. A JKS formatted
- keystore is automatically created to store the CA certificate,
- and configured to be used as a trusted certificate by the
- Maven command.
+ caSecret:
+ description: The Secret name and key, containing the CA certificate(s)
+ used to connect to remote Maven repositories. It can contain
+ X.509 certificates, and PKCS#7 formatted certificate chains.
+ A JKS formatted keystore is automatically created to store
+ the CA certificate(s), and configured to be used as a trusted
+ certificate(s) by the Maven commands. Note that the root
+ CA certificates are also imported into the created keystore.
properties:
key:
description: The key of the secret to select from. Must
@@ -251,12 +253,14 @@ spec:
maven:
description: MavenSpec --
properties:
- caCert:
- description: The Secret key containing the CA certificate
- used to connect to remote repositories. A JKS formatted
- keystore is automatically created to store the CA certificate,
- and configured to be used as a trusted certificate by the
- Maven command.
+ caSecret:
+ description: The Secret name and key, containing the CA certificate(s)
+ used to connect to remote Maven repositories. It can contain
+ X.509 certificates, and PKCS#7 formatted certificate chains.
+ A JKS formatted keystore is automatically created to store
+ the CA certificate(s), and configured to be used as a trusted
+ certificate(s) by the Maven commands. Note that the root
+ CA certificates are also imported into the created keystore.
properties:
key:
description: The key of the secret to select from. Must
diff --git a/pkg/apis/camel/v1/common_types.go b/pkg/apis/camel/v1/common_types.go
index f09d21d..a94d604 100644
--- a/pkg/apis/camel/v1/common_types.go
+++ b/pkg/apis/camel/v1/common_types.go
@@ -85,11 +85,14 @@ type PlatformInjectable interface {
type MavenSpec struct {
LocalRepository string `json:"localRepository,omitempty"`
Settings ValueSource `json:"settings,omitempty"`
- // The Secret key containing the CA certificate used to connect to remote repositories.
- // A JKS formatted keystore is automatically created to store the CA certificate,
- // and configured to be used as a trusted certificate by the Maven command.
- CaCert *corev1.SecretKeySelector `json:"caCert,omitempty"`
- Timeout *metav1.Duration `json:"timeout,omitempty"`
+ // The Secret name and key, containing the CA certificate(s) used to connect
+ // to remote Maven repositories.
+ // It can contain X.509 certificates, and PKCS#7 formatted certificate chains.
+ // A JKS formatted keystore is automatically created to store the CA certificate(s),
+ // and configured to be used as a trusted certificate(s) by the Maven commands.
+ // Note that the root CA certificates are also imported into the created keystore.
+ CASecret *corev1.SecretKeySelector `json:"caSecret,omitempty"`
+ Timeout *metav1.Duration `json:"timeout,omitempty"`
}
// ValueSource --
diff --git a/pkg/apis/camel/v1/zz_generated.deepcopy.go b/pkg/apis/camel/v1/zz_generated.deepcopy.go
index c8e1ff6..79d16d3 100644
--- a/pkg/apis/camel/v1/zz_generated.deepcopy.go
+++ b/pkg/apis/camel/v1/zz_generated.deepcopy.go
@@ -1264,8 +1264,8 @@ func (in *MavenArtifact) DeepCopy() *MavenArtifact {
func (in *MavenSpec) DeepCopyInto(out *MavenSpec) {
*out = *in
in.Settings.DeepCopyInto(&out.Settings)
- if in.CaCert != nil {
- in, out := &in.CaCert, &out.CaCert
+ if in.CASecret != nil {
+ in, out := &in.CASecret, &out.CASecret
*out = new(corev1.SecretKeySelector)
(*in).DeepCopyInto(*out)
}
diff --git a/pkg/builder/project.go b/pkg/builder/project.go
index e7b59b6..45f8835 100644
--- a/pkg/builder/project.go
+++ b/pkg/builder/project.go
@@ -67,11 +67,11 @@ func cleanUpBuildDir(ctx *builderContext) error {
}
func generateJavaKeystore(ctx *builderContext) error {
- if ctx.Build.Maven.CaCert == nil {
+ if ctx.Build.Maven.CASecret == nil {
return nil
}
- certData, err := kubernetes.GetSecretRefData(ctx.C, ctx.Client, ctx.Namespace, ctx.Build.Maven.CaCert)
+ certData, err := kubernetes.GetSecretRefData(ctx.C, ctx.Client, ctx.Namespace, ctx.Build.Maven.CASecret)
if err != nil {
return err
}
diff --git a/pkg/resources/resources.go b/pkg/resources/resources.go
index 80763e2..a87581c 100644
--- a/pkg/resources/resources.go
+++ b/pkg/resources/resources.go
@@ -78,9 +78,9 @@ var assets = func() http.FileSystem {
"/crd/bases/camel.apache.org_builds.yaml": &vfsgen۰CompressedFileInfo{
name: "camel.apache.org_builds.yaml",
modTime: time.Time{},
- uncompressedSize: 22436,
+ uncompressedSize: 22748,
- compressedContent: []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xec\x5c\xdf\x73\xdb\x36\xf2\x7f\xd7\x5f\xb1\x13\x3f\x24\x99\xb1\xa8\xa6\xed\xf7\x3b\x1d\xdd\xc3\x8d\x2a\x27\x73\xba\x24\xb6\xc7\x72\xd2\xe9\xe3\x8a\x5c\x51\xa8\x48\x80\x07\x80\x96\xd5\x9b\xfb\xdf\x6f\x00\x90\x12\x65\xf1\x07\x68\x2b\xad\xef\xce\x78\x49\x4c\x01\x8b\xfd\x85\xcf\xee\x82\x20\xce\x60\x78\xba\x36\x38\x83\x4f\x2c\x24\xae\x28\x02\x2d\x40\xaf\x08\x26\x19\x86\x2b\x82\xb9\x58\xea\x0d\x4a\x82\x0f\x22\xe7\x11\x6a\x [...]
+ compressedContent: []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xec\x5c\xdd\x73\xdb\x38\x92\x7f\xd7\x5f\xd1\x15\x3f\x24\xa9\xb2\xa8\x64\x3e\xee\xe6\x7c\x0f\x57\x1a\x25\xa9\xd3\x26\xb1\x5d\x96\x93\xd9\x79\x6c\x91\x2d\x0a\x23\x12\xe0\x02\xa0\x64\xcd\xd6\xfe\xef\x5b\x00\x48\x49\xb4\xf8\x01\xda\xca\x8c\x77\xd7\x78\x49\x4c\x01\x8d\xfe\xc2\xaf\xbb\x41\x10\x67\x30\x3c\x5d\x1b\x9c\xc1\x27\x16\x12\x57\x14\x81\x16\xa0\x97\x04\xe3\x0c\xc3\x25\xc1\x4c\x2c\xf4\x06\x25\xc1\x07\x91\xf3\x08\x35\x [...]
},
"/crd/bases/camel.apache.org_camelcatalogs.yaml": &vfsgen۰CompressedFileInfo{
name: "camel.apache.org_camelcatalogs.yaml",
@@ -99,9 +99,9 @@ var assets = func() http.FileSystem {
"/crd/bases/camel.apache.org_integrationplatforms.yaml": &vfsgen۰CompressedFileInfo{
name: "camel.apache.org_integrationplatforms.yaml",
modTime: time.Time{},
- uncompressedSize: 19424,
+ uncompressedSize: 19896,
- compressedContent: []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xec\x5c\x5f\x8f\xdb\xb8\x11\x7f\xd7\xa7\x18\xc4\x0f\xb9\x03\xd6\xf2\xa5\xed\x43\xe1\x3e\x14\x3e\x27\x41\xdd\x24\xbb\x8b\xb5\x93\xc3\x3d\xd2\xd2\x58\xe6\x99\x22\x55\x92\x5a\xc7\x57\xf4\xbb\x17\x43\x4a\xb6\xbc\xd6\xbf\xf5\xe6\xd0\xf6\x2a\xbe\x24\x96\xc8\xe1\xfc\xfd\x71\xc8\xa1\x76\x04\xe3\x6f\xd7\x82\x11\x7c\xe4\x11\x4a\x83\x31\x58\x05\x76\x8b\x30\xcb\x58\xb4\x45\x58\xaa\x8d\xdd\x33\x8d\xf0\x5e\xe5\x32\x66\x96\x2b\x09\x [...]
+ compressedContent: []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xec\x5c\x5f\x73\xdb\xb8\x11\x7f\xe7\xa7\xd8\x89\x1e\x72\x99\xb1\xa8\xa4\x7f\xa6\xad\xfa\xd0\xd1\x29\xc9\x54\x75\x62\x7b\x2c\x25\xd7\x7b\x84\xc8\x15\x85\x13\x08\xb0\x00\x68\x45\xd7\xe9\x77\xef\x2c\x40\x4a\x94\x45\x52\xb4\xec\x9b\xb6\x57\xe2\xc5\x96\x08\x2c\xf6\xef\x0f\x0b\x2c\xa8\x01\x0c\x5f\xae\x05\x03\xf8\xc4\x23\x94\x06\x63\xb0\x0a\xec\x1a\x61\x92\xb1\x68\x8d\x30\x57\x2b\xbb\x65\x1a\xe1\xa3\xca\x65\xcc\x2c\x57\x12\x [...]
},
"/crd/bases/camel.apache.org_integrations.yaml": &vfsgen۰CompressedFileInfo{
name: "camel.apache.org_integrations.yaml",
diff --git a/pkg/trait/openapi.go b/pkg/trait/openapi.go
index d652599..9ba84cf 100644
--- a/pkg/trait/openapi.go
+++ b/pkg/trait/openapi.go
@@ -215,8 +215,8 @@ func (t *openAPITrait) createNewOpenAPIConfigMap(e *Environment, resource v1.Res
mc.SettingsContent = []byte(settings)
}
- if e.Platform.Status.Build.Maven.CaCert != nil {
- certData, err := kubernetes.GetSecretRefData(e.C, e.Client, e.Platform.Namespace, e.Platform.Status.Build.Maven.CaCert)
+ if e.Platform.Status.Build.Maven.CASecret != nil {
+ certData, err := kubernetes.GetSecretRefData(e.C, e.Client, e.Platform.Namespace, e.Platform.Status.Build.Maven.CASecret)
if err != nil {
return err
}
diff --git a/pkg/util/camel/catalog.go b/pkg/util/camel/catalog.go
index 6b8ee38..47a5359 100644
--- a/pkg/util/camel/catalog.go
+++ b/pkg/util/camel/catalog.go
@@ -76,8 +76,8 @@ func GenerateCatalog(
}
var caCert []byte
- if mvn.CaCert != nil {
- caCert, err = kubernetes.GetSecretRefData(ctx, client, namespace, mvn.CaCert)
+ if mvn.CASecret != nil {
+ caCert, err = kubernetes.GetSecretRefData(ctx, client, namespace, mvn.CASecret)
if err != nil {
return nil, err
}
diff --git a/pkg/util/jvm/keystore.go b/pkg/util/jvm/keystore.go
index 7a8e753..0a3fe1a 100644
--- a/pkg/util/jvm/keystore.go
+++ b/pkg/util/jvm/keystore.go
@@ -49,7 +49,7 @@ func GenerateKeystore(ctx context.Context, keystoreDir, keystoreName, keystorePa
return err
}
- // Try to locale root CA certificates truststore, in order to import them
+ // Try to locate root CA certificates truststore, in order to import them
// into the newly created truststore. It avoids tempering the system-wide
// JVM truststore.
javaHome, ok := os.LookupEnv("JAVA_HOME")