m/n/kubernetes: serve authproxy with node certificate We are currently serving authproxy with the Kubernetes node certificate, which is somewhat useless, considering that this certificate isn't even issued by the same CA that the client certificates (which are Metropolis certificates) presented. This changes the authproxy to serve with Metropolis node certificates instead. Change-Id: I03ff19c919c6a9fa72c98997432cc06a59e9958e Reviewed-on: https://review.monogon.dev/c/monogon/+/2740 Tested-by: Jenkins CI Reviewed-by: Lorenz Brun <lorenz@monogon.tech>

commit: ad86a55c9c507478e2c4989f50912d7869164066 [log] [tgz]
author: Serge Bazanski <serge@monogon.tech> Wed Jan 31 17:46:47 2024 +0100
committer: Serge Bazanski <serge@monogon.tech> Thu Feb 08 11:10:07 2024 +0000
tree: 214d48bcad4ede5909af88ce7deaadedd2d9fbe0
parent: 7dbf18c1932b5c7945a2ba53d7580a6857cda5d3 [diff] [blame]
diff --git a/metropolis/node/kubernetes/service_controller.go b/metropolis/node/kubernetes/service_controller.go
index fbeabca..804a210 100644
--- a/metropolis/node/kubernetes/service_controller.go
+++ b/metropolis/node/kubernetes/service_controller.go

@@ -48,7 +48,7 @@
 	KPKI    *pki.PKI
 	Root    *localstorage.Root
 	Network *network.Service
-	Node    *identity.Node
+	Node    *identity.NodeCredentials
 }
 
 type Controller struct {
commit	ad86a55c9c507478e2c4989f50912d7869164066	[log] [tgz]
author	Serge Bazanski <serge@monogon.tech>	Wed Jan 31 17:46:47 2024 +0100
committer	Serge Bazanski <serge@monogon.tech>	Thu Feb 08 11:10:07 2024 +0000
tree	214d48bcad4ede5909af88ce7deaadedd2d9fbe0
parent	7dbf18c1932b5c7945a2ba53d7580a6857cda5d3 [diff] [blame]