From 470aaf0a6b0b8f7648ce490340bcc2f59f2535ee Mon Sep 17 00:00:00 2001 From: Wei Ran Date: Fri, 11 Aug 2023 18:11:02 +0800 Subject: [PATCH] Certificate paths in cloud-init scripts should not use a platform-dependent path separator --- util/secret/certificates.go | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/util/secret/certificates.go b/util/secret/certificates.go index bf438d647ced..7e9d211dcf51 100644 --- a/util/secret/certificates.go +++ b/util/secret/certificates.go @@ -25,7 +25,7 @@ import ( "crypto/x509/pkix" "encoding/hex" "math/big" - "path/filepath" + "path" "strings" "time" @@ -73,25 +73,25 @@ func NewCertificatesForInitialControlPlane(config *bootstrapv1.ClusterConfigurat certificates := Certificates{ &Certificate{ Purpose: ClusterCA, - CertFile: filepath.Join(certificatesDir, "ca.crt"), - KeyFile: filepath.Join(certificatesDir, "ca.key"), + CertFile: path.Join(certificatesDir, "ca.crt"), + KeyFile: path.Join(certificatesDir, "ca.key"), }, &Certificate{ Purpose: ServiceAccount, - CertFile: filepath.Join(certificatesDir, "sa.pub"), - KeyFile: filepath.Join(certificatesDir, "sa.key"), + CertFile: path.Join(certificatesDir, "sa.pub"), + KeyFile: path.Join(certificatesDir, "sa.key"), }, &Certificate{ Purpose: FrontProxyCA, - CertFile: filepath.Join(certificatesDir, "front-proxy-ca.crt"), - KeyFile: filepath.Join(certificatesDir, "front-proxy-ca.key"), + CertFile: path.Join(certificatesDir, "front-proxy-ca.crt"), + KeyFile: path.Join(certificatesDir, "front-proxy-ca.key"), }, } etcdCert := &Certificate{ Purpose: EtcdCA, - CertFile: filepath.Join(certificatesDir, "etcd", "ca.crt"), - KeyFile: filepath.Join(certificatesDir, "etcd", "ca.key"), + CertFile: path.Join(certificatesDir, "etcd", "ca.crt"), + KeyFile: path.Join(certificatesDir, "etcd", "ca.key"), } // TODO make sure all the fields are actually defined and return an error if not @@ -124,24 +124,24 @@ func NewControlPlaneJoinCerts(config *bootstrapv1.ClusterConfiguration) Certific certificates := Certificates{ &Certificate{ Purpose: ClusterCA, - CertFile: filepath.Join(certificatesDir, "ca.crt"), - KeyFile: filepath.Join(certificatesDir, "ca.key"), + CertFile: path.Join(certificatesDir, "ca.crt"), + KeyFile: path.Join(certificatesDir, "ca.key"), }, &Certificate{ Purpose: ServiceAccount, - CertFile: filepath.Join(certificatesDir, "sa.pub"), - KeyFile: filepath.Join(certificatesDir, "sa.key"), + CertFile: path.Join(certificatesDir, "sa.pub"), + KeyFile: path.Join(certificatesDir, "sa.key"), }, &Certificate{ Purpose: FrontProxyCA, - CertFile: filepath.Join(certificatesDir, "front-proxy-ca.crt"), - KeyFile: filepath.Join(certificatesDir, "front-proxy-ca.key"), + CertFile: path.Join(certificatesDir, "front-proxy-ca.crt"), + KeyFile: path.Join(certificatesDir, "front-proxy-ca.key"), }, } etcdCert := &Certificate{ Purpose: EtcdCA, - CertFile: filepath.Join(certificatesDir, "etcd", "ca.crt"), - KeyFile: filepath.Join(certificatesDir, "etcd", "ca.key"), + CertFile: path.Join(certificatesDir, "etcd", "ca.crt"), + KeyFile: path.Join(certificatesDir, "etcd", "ca.key"), } // TODO make sure all the fields are actually defined and return an error if not @@ -167,7 +167,7 @@ func NewControlPlaneJoinCerts(config *bootstrapv1.ClusterConfiguration) Certific // NewCertificatesForWorker return an initialized but empty set of CA certificates needed to bootstrap a cluster. func NewCertificatesForWorker(caCertPath string) Certificates { if caCertPath == "" { - caCertPath = filepath.Join(DefaultCertificatesDir, "ca.crt") + caCertPath = path.Join(DefaultCertificatesDir, "ca.crt") } return Certificates{