Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Check that parameters for certificate and private key are not set to the same file #589

Open
soenkeliebau opened this issue Apr 23, 2021 · 4 comments · May be fixed by #683
Open

Check that parameters for certificate and private key are not set to the same file #589

soenkeliebau opened this issue Apr 23, 2021 · 4 comments · May be fixed by #683
Labels
enhancement New feature or request good first issue Good for newcomers

Comments

@soenkeliebau
Copy link
Contributor

When --cert-file and --private-key-file are set to the same file one overwrites the other and TLS fails with a parse error (which makes sense).

A quick check in the config that these parameters do not have the same value would be a useful addition I think.
@thomastaylor312 thomastaylor312 added enhancement New feature or request good first issue Good for newcomers labels May 10, 2021
@sladyn98
Copy link

@thomastaylor312 Hey i am just getting started with rust and thought this was a good way to get started, any pointers on where I can begin ?

@soenkeliebau
Copy link
Contributor Author

@sladyn98
I haven't spent much time looking, but I think this should be a good starting point: https://github.com/deislabs/krustlet/blob/c781a9816858607647108d2157c7c5c1ca004a35/crates/kubelet/src/config.rs#L338

That code should be common to most ways of building a config and can return an error during initialization, which should be suitable for this check.

@thomastaylor312
Copy link
Member

Hi @sladyn98, thanks for offering to help! So when I was double checking things, I actually think we'd want to verify this in the Kubelet::new function: https://github.com/deislabs/krustlet/blob/20c00115d3af460fe7740d6a07589b25578fcaef/crates/kubelet/src/kubelet.rs#L42

The reason being is that the config file and command line flag stuff is optional, which means a user can generate a Config on their own and have it not be valid. I think at minimum, it should check the two pieces of data specified in this issue. A stretch goal (but definitely not required for a first time issue like this) would be to add a validate function to the Config so any future data validation can be added there.

Hope that helps! And thanks again for the help

@sladyn98 sladyn98 mentioned this issue Jun 4, 2021
Closed
@yunkunrao yunkunrao linked a pull request Oct 2, 2021 that will close this issue
Open
@yunkunrao
Copy link

Hi, I found this issue was not updated since June 5th and I'm been following Krustlet community. So I submit a new PR, could you please help review this PR when it is convenient. Thanks.

@bacongobbler bacongobbler linked a pull request Oct 4, 2021 that will close this issue
Validate config properties #683
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request good first issue Good for newcomers
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Validate config properties yunkunrao/krustlet
Validate config properties sladyn98/krustlet
4 participants
@soenkeliebau @thomastaylor312 @yunkunrao @sladyn98