feat: cleanup cert/key info in tls config for ensuring service accoun…

…t will be used (#2098) Signed-off-by: rambohe-ch <linbo.hlb@alibaba-inc.com>
openyurtio · Jul 16, 2024 · beae373 · beae373
1 parent b3ff015
commit beae373
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/cmd/yurt-manager/app/client/client.go b/cmd/yurt-manager/app/client/client.go
@@ -82,6 +82,12 @@ func GetConfigByControllerNameOrDie(mgr manager.Manager, controllerName string)
 	cfg := rest.CopyConfig(baseCfg)
 	rest.AddUserAgent(cfg, controllerName)
 
+	// clean cert/key info in tls config for ensuring service account will be used.
+	cfg.TLSClientConfig.KeyFile = ""
+	cfg.TLSClientConfig.CertFile = ""
+	cfg.TLSClientConfig.CertData = []byte{}
+	cfg.TLSClientConfig.KeyData = []byte{}
+
 	// add controller-specific token wrapper to cfg
 	cachedTokenSource := transport.NewCachedTokenSource(&tokenSourceImpl{
 		namespace:          namespace,