commit 5a09142af47b710bb76df16eca94edefcd3052d7
author Serge Bazanski <serge@nexantic.com> Mon Jun 22 14:01:45 2020 +0200
committer Serge Bazanski <serge@nexantic.com> Mon Jun 22 14:01:45 2020 +0200
tree 6be9238cf37c51dfc8f99aded4ef06c4ac81bb12
parent 385c12f84a0f1b6b5d70f228a0fb629f6f8f316c

scripts/create_container: fix cockroachdb startup

After moving the build container to --net=host this broke building //...
(as sqlboiler touches a local crdb in order to generate SQL
boilerplate...). This moves cockroachdb to also run with --net=host, and
fixes the advertisement address in the same way as it's fixed in
run_ci.sh.

Test Plan: tested this locally :/

X-Origin-Diff: phab/D562
GitOrigin-RevId: 25aee769a555d34ae3c9f12560a8a29986601034

core/internal/kubernetes/apiserver.go

diff --git a/core/internal/kubernetes/apiserver.go b/core/internal/kubernetes/apiserver.go
index 9bc32f3..b5bab3d 100644
--- a/core/internal/kubernetes/apiserver.go
+++ b/core/internal/kubernetes/apiserver.go
@@ -27,11 +27,11 @@
 	"path"
 
 	"git.monogon.dev/source/nexantic.git/core/internal/common"
+	"git.monogon.dev/source/nexantic.git/core/internal/common/supervisor"
+	"git.monogon.dev/source/nexantic.git/core/internal/kubernetes/pki"
+	"git.monogon.dev/source/nexantic.git/core/pkg/fileargs"
 
 	"go.etcd.io/etcd/clientv3"
-
-	"git.monogon.dev/source/nexantic.git/core/internal/common/supervisor"
-	"git.monogon.dev/source/nexantic.git/core/pkg/fileargs"
 )
 
 type apiserverConfig struct {
@@ -52,12 +52,12 @@
 func getPKIApiserverConfig(consensusKV clientv3.KV) (*apiserverConfig, error) {
 	var config apiserverConfig
 	var err error
-	config.idCA, _, err = getCert(consensusKV, "id-ca")
-	config.kubeletClientCert, config.kubeletClientKey, err = getCert(consensusKV, "kubelet-client")
-	config.aggregationCA, _, err = getCert(consensusKV, "aggregation-ca")
-	config.aggregationClientCert, config.aggregationClientKey, err = getCert(consensusKV, "front-proxy-client")
-	config.serverCert, config.serverKey, err = getCert(consensusKV, "apiserver")
-	saPrivkey, err := consensusKV.Get(context.Background(), path.Join(etcdPath, "service-account-privkey.der"))
+	config.idCA, _, err = pki.GetCert(consensusKV, "id-ca")
+	config.kubeletClientCert, config.kubeletClientKey, err = pki.GetCert(consensusKV, "kubelet-client")
+	config.aggregationCA, _, err = pki.GetCert(consensusKV, "aggregation-ca")
+	config.aggregationClientCert, config.aggregationClientKey, err = pki.GetCert(consensusKV, "front-proxy-client")
+	config.serverCert, config.serverKey, err = pki.GetCert(consensusKV, "apiserver")
+	saPrivkey, err := consensusKV.Get(context.Background(), path.Join(pki.EtcdPath, "service-account-privkey.der"))
 	if err != nil {
 		return nil, fmt.Errorf("failed to get serviceaccount privkey: %w", err)
 	}