update pkg v1.1.20 to reload certs in k8s always (#14470)

2025-11-10 05:59:43 -05:00 · 2022-03-04 20:34:39 -08:00
parent b0c84e3de7
commit 92a77cc78e
4 changed files with 7 additions and 3 deletions
--- a/cmd/common-main.go
+++ b/cmd/common-main.go
@@ -903,6 +903,9 @@ func getTLSConfig() (x509Certs []*x509.Certificate, manager *certs.Manager, secu
 	}
 	secureConn = true

+	// Certs might be symlinks, reload them every 10 seconds.
+	manager.UpdateReloadDuration(10 * time.Second)
+
 	// syscall.SIGHUP to reload the certs.
 	manager.ReloadOnSignal(syscall.SIGHUP)

--- a/cmd/utils.go
+++ b/cmd/utils.go
@@ -633,6 +633,7 @@ func NewGatewayHTTPTransportWithClientCerts(clientCert, clientKey string) *http.
 				err.Error()))
 		}
 		if c != nil {
+			c.UpdateReloadDuration(10 * time.Second)
 			c.ReloadOnSignal(syscall.SIGHUP) // allow reloads upon SIGHUP
 			transport.TLSClientConfig.GetClientCertificate = c.GetClientCertificate
 		}