feat: treat /var/run/secrets/ on k8s as system cert directory (#11123)

Consider `/var/run/secrets/kubernetes.io/serviceaccount`
as a system cert directory on container platforms.
Harshavardhana
2020-12-16 18:24:12 -08:00
committed by GitHub
parent b390a2a0b9
commit 970ddb424b
2 changed files with 65 additions and 7 deletions


@@ -38,7 +38,7 @@ func GetRootCAs(certsCAsDir string) (*x509.CertPool, error) {
if err != nil {
if os.IsNotExist(err) || os.IsPermission(err) {
// Return success if CA's directory is missing or permission denied.
err = nil
return rootCAs, nil
}
return rootCAs, err
}
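Review bot: The `os.IsPermission(err)` branch at the top of this hunk returns `rootCAs, nil` with no diagnostic, so a CA directory that exists but cannot be read is indistinguishable from one that is absent. TLS verification still fails closed, since the pool simply lacks those CAs, but the operator only sees an unknown-authority error much later, which matters more once a Kubernetes service-account mount is treated as a cert directory, as the commit description says. I would keep `os.IsNotExist` silent and surface the permission case, e.g. `return rootCAs, fmt.Errorf("reading CA directory %q: %w", certsCAsDir, err)`, or at least log it if callers depend on the lenient return. The loop in the following hunk has the same blind spot: the bool returned by `rootCAs.AppendCertsFromPEM(caCert)` is discarded, so a readable file with no valid certificate is skipped without trace. GetRootCAs begins before this hunk and continues after it.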
@@ -46,11 +46,10 @@ func GetRootCAs(certsCAsDir string) (*x509.CertPool, error) {
// Load all custom CA files.
for _, fi := range fis {
caCert, err := ioutil.ReadFile(path.Join(certsCAsDir, fi.Name()))
if err != nil {
// ignore files which are not readable.
continue
if err == nil {
rootCAs.AppendCertsFromPEM(caCert)
}
rootCAs.AppendCertsFromPEM(caCert)
// ignore files which are not readable.
}
return rootCAs, nil