Merge pull request #44 from projectsyn/fix/cert-error

simu · web-flow · commit b5cc2ab3bb17 · 2022-10-24T16:16:57.000+02:00
Fix certificate errors in vcluster container
diff --git a/component/cluster.libsonnet b/component/cluster.libsonnet
@@ -345,7 +345,17 @@ local cluster = function(name, options)
               securityContext: {
                 allowPrivilegeEscalation: false,
               },
-              env: [],
+              env: [
+                // ensure that syncer TLS certificate is also valid for pod IP
+                {
+                  name: 'POD_IP',
+                  valueFrom: {
+                    fieldRef: {
+                      fieldPath: 'status.podIP',
+                    },
+                  },
+                },
+              ],
               volumeMounts: [
                 {
                   mountPath: '/data',
diff --git a/tests/golden/defaults/defaults/defaults/10_cluster.yaml b/tests/golden/defaults/defaults/defaults/10_cluster.yaml
@@ -221,7 +221,11 @@ spec:
             - --tls-san=defaults.syn-defaults.svc
             - --tls-san=defaults.syn-defaults
             - --tls-san=defaults
-          env: []
+          env:
+            - name: POD_IP
+              valueFrom:
+                fieldRef:
+                  fieldPath: status.podIP
           image: docker.io/loftsh/vcluster:0.12.2
           livenessProbe:
             failureThreshold: 10
diff --git a/tests/golden/oidc/oidc/oidc/10_cluster.yaml b/tests/golden/oidc/oidc/oidc/10_cluster.yaml
@@ -225,7 +225,11 @@ spec:
             - --tls-san=oidc.testns.svc
             - --tls-san=oidc.testns
             - --tls-san=oidc
-          env: []
+          env:
+            - name: POD_IP
+              valueFrom:
+                fieldRef:
+                  fieldPath: status.podIP
           image: docker.io/loftsh/vcluster:0.12.2
           livenessProbe:
             failureThreshold: 10
diff --git a/tests/golden/openshift/openshift/openshift/10_cluster.yaml b/tests/golden/openshift/openshift/openshift/10_cluster.yaml
@@ -227,7 +227,11 @@ spec:
             - --tls-san=openshift.syn-openshift.svc
             - --tls-san=openshift.syn-openshift
             - --tls-san=openshift
-          env: []
+          env:
+            - name: POD_IP
+              valueFrom:
+                fieldRef:
+                  fieldPath: status.podIP
           image: docker.io/loftsh/vcluster:0.12.2
           livenessProbe:
             failureThreshold: 10
