commit 5a09142af47b710bb76df16eca94edefcd3052d7
author Serge Bazanski <serge@nexantic.com> Mon Jun 22 14:01:45 2020 +0200
committer Serge Bazanski <serge@nexantic.com> Mon Jun 22 14:01:45 2020 +0200
tree 6be9238cf37c51dfc8f99aded4ef06c4ac81bb12
parent 385c12f84a0f1b6b5d70f228a0fb629f6f8f316c

scripts/create_container: fix cockroachdb startup

After moving the build container to --net=host this broke building //...
(as sqlboiler touches a local crdb in order to generate SQL
boilerplate...). This moves cockroachdb to also run with --net=host, and
fixes the advertisement address in the same way as it's fixed in
run_ci.sh.

Test Plan: tested this locally :/

X-Origin-Diff: phab/D562
GitOrigin-RevId: 25aee769a555d34ae3c9f12560a8a29986601034

core/internal/kubernetes/service.go

diff --git a/core/internal/kubernetes/service.go b/core/internal/kubernetes/service.go
index b2d340e..b8c3cf8 100644
--- a/core/internal/kubernetes/service.go
+++ b/core/internal/kubernetes/service.go
@@ -35,6 +35,7 @@
 	schema "git.monogon.dev/source/nexantic.git/core/generated/api"
 	"git.monogon.dev/source/nexantic.git/core/internal/common/supervisor"
 	"git.monogon.dev/source/nexantic.git/core/internal/consensus"
+	"git.monogon.dev/source/nexantic.git/core/internal/kubernetes/pki"
 	"git.monogon.dev/source/nexantic.git/core/internal/kubernetes/reconciler"
 	"git.monogon.dev/source/nexantic.git/core/internal/storage"
 	"git.monogon.dev/source/nexantic.git/core/pkg/logbuffer"
@@ -74,7 +75,7 @@
 }
 
 func (s *Service) NewCluster() error {
-	return newCluster(s.getKV())
+	return pki.NewCluster(s.getKV())
 }
 
 // GetComponentLogs grabs logs from various Kubernetes binaries
@@ -98,16 +99,16 @@
 	if !s.consensusService.IsReady() {
 		return nil, status.Error(codes.Unavailable, "Consensus not ready yet")
 	}
-	idCA, idKeyRaw, err := getCert(s.getKV(), "id-ca")
+	idCA, idKeyRaw, err := pki.GetCert(s.getKV(), "id-ca")
 	idKey := ed25519.PrivateKey(idKeyRaw)
 	if err != nil {
 		return nil, status.Errorf(codes.Unavailable, "Failed to load ID CA: %v", err)
 	}
-	debugCert, debugKey, err := issueCertificate(clientCertTemplate(request.Id, request.Groups), idCA, idKey)
+	debugCert, debugKey, err := pki.IssueCertificate(pki.ClientCertTemplate(request.Id, request.Groups), idCA, idKey)
 	if err != nil {
 		return nil, status.Errorf(codes.Unavailable, "Failed to issue certs for kubeconfig: %v\n", err)
 	}
-	debugKubeconfig, err := makeLocalKubeconfig(idCA, debugCert, debugKey)
+	debugKubeconfig, err := pki.MakeLocalKubeconfig(idCA, debugCert, debugKey)
 	if err != nil {
 		return nil, status.Errorf(codes.Unavailable, "Failed to generate kubeconfig: %v", err)
 	}
@@ -151,7 +152,7 @@
 			return err
 		}
 
-		masterKubeconfig, err := getSingle(consensusKV, "master.kubeconfig")
+		masterKubeconfig, err := pki.GetSingle(consensusKV, "master.kubeconfig")
 		if err != nil {
 			return err
 		}