properly detect new k8g8 certificate being installed

kubesail · Sep 26, 2022 · 0dd38cb · 0dd38cb
1 parent 6cf3da6
commit 0dd38cb
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 17 deletions.
diff --git a/lib/agent/Agent.js b/lib/agent/Agent.js
@@ -1503,27 +1503,38 @@ class KubesailAgent {
           const changed = this.k8s.trackResource(event.type, event.object)
           if (event.object.kind === 'Secret') {
             if (event.object.type === 'kubernetes.io/tls') {
-              const hostnames = (
-                (event?.object?.metadata?.annotations || [])['cert-manager.io/common-name'] || ''
-              )
-                .split(',')
-                .filter(Boolean)
-              for (const hostname of hostnames) {
+              const isK8g8TLS =
+                event?.object?.metadata?.namespace === 'kube-system' &&
+                event?.object?.metadata?.name === 'k8g8-tls'
+
+              if (isK8g8TLS) {
                 if (event.type === 'ADDED') {
                   await this.installCertificate(
-                    event?.object?.metadata?.namespace,
-                    event?.object?.metadata?.name,
-                    hostname,
+                    'kube-system',
+                    'k8g8-tls',
+                    this.status.clusterAddress,
                     event.object
                   )
                 } else if (event.type === 'DELETED') {
-                  if (
-                    event?.object?.metadata?.namespace === 'kube-system' &&
-                    event?.object?.metadata?.name === 'k8g8-tls'
-                  ) {
-                    this.features.k8g8Cert = false
+                  this.features.k8g8Cert = false
+                }
+              } else {
+                const hostnames = (
+                  (event?.object?.metadata?.annotations || [])['cert-manager.io/common-name'] || ''
+                )
+                  .split(',')
+                  .filter(Boolean)
+                for (const hostname of hostnames) {
+                  if (event.type === 'ADDED') {
+                    await this.installCertificate(
+                      event?.object?.metadata?.namespace,
+                      event?.object?.metadata?.name,
+                      hostname,
+                      event.object
+                    )
+                  } else if (event.type === 'DELETED') {
+                    this.reverseProxyTLSContexts[hostname] = null
                   }
-                  this.reverseProxyTLSContexts[hostname] = null
                 }
               }
             }

diff --git a/lib/gateway/gatewayServer.js b/lib/gateway/gatewayServer.js
@@ -135,7 +135,7 @@ module.exports = function () {
   server.delete('/agent/:secret/:agentKey', async (req, res) => {
     if (req.params.secret !== KUBESAIL_API_SECRET) return res.sendStatus(403)
     const { agentKey } = req.params
-    logger.info('Unregistering agent', { agentKey })
+    logger.info('Un-registering agent', { agentKey })
     await this.redis.setex(agentKey, process.env.NODE_ENV ? 30 : 3600 * 24, 'removed')
     await this.messageAgent(agentKey, 'remove-cluster')
     return res.sendStatus(200)
@@ -145,7 +145,7 @@ module.exports = function () {
     if (req.params.agentKey && req.params.secret === KUBESAIL_API_SECRET) {
       const agentKey = req.params.agentKey
       await this.messageAgent(agentKey, 'health-check')
-      let [connected, healthData] = await this.redis.mget(`akhm|${agentKey}`, `healthcheck|${agentKey}`)
+      const [connected, healthData] = await this.redis.mget(`akhm|${agentKey}`, `healthcheck|${agentKey}`)
       let healthCheckData = {}
       // Backwards compatibility
       if (healthData && healthData[0] !== '{') {