Skip to content

Commit

Permalink
Remove unused statements
Browse files Browse the repository at this point in the history
  • Loading branch information
barroco committed Apr 25, 2023
1 parent 1821af3 commit 828d575
Showing 1 changed file with 1 addition and 5 deletions.
6 changes: 1 addition & 5 deletions build/apply-certs.sh
Original file line number Diff line number Diff line change
Expand Up @@ -37,29 +37,25 @@ UPLOAD_CA_KEY=true
# Delete previous secrets in case they have changed.
kubectl create namespace "$NAMESPACE" --context "$CONTEXT" || true

kubectl delete secret cockroachdb.client.root --namespace default --context "$CONTEXT" || true
kubectl delete secret cockroachdb.client.root --namespace "$NAMESPACE" --context "$CONTEXT" || true
kubectl delete secret cockroachdb.node --namespace "$NAMESPACE" --context "$CONTEXT" || true
kubectl delete secret cockroachdb.ca.crt --namespace "$NAMESPACE" --context "$CONTEXT" || true
kubectl delete secret cockroachdb.ca.key --namespace "$NAMESPACE" --context "$CONTEXT" || true
kubectl delete secret dss.public.certs --namespace "$NAMESPACE" --context "$CONTEXT" || true
kubectl delete secret cockroachdb.tls --namespace "$NAMESPACE" --context "$CONTEXT" || true

kubectl create secret generic cockroachdb.client.root --namespace default --from-file "$CLIENTS_CERTS_DIR" --context "$CONTEXT"
if [[ $NAMESPACE != "default" ]]; then
kubectl create secret generic cockroachdb.client.root --namespace "$NAMESPACE" --from-file "$CLIENTS_CERTS_DIR" --context "$CONTEXT"
fi
kubectl create secret generic cockroachdb.node --namespace "$NAMESPACE" --from-file "$NODE_CERTS_DIR" --context "$CONTEXT"

# The ca key is not needed for any typical operations, but might be required to sign new certificates.
$UPLOAD_CA_KEY && kubectl create secret generic cockroachdb.ca.key --namespace "$NAMESPACE" --from-file "$CA_KEY_DIR" --context "$CONTEXT"
# The ca.crt is kept in it's own secret to more easily manage cert rotation and
# adding other operators' certificates.
kubectl create secret generic cockroachdb.ca.crt --namespace "$NAMESPACE" --from-file "$CA_CRT_DIR" --context "$CONTEXT"
kubectl create secret tls cockroachdb.tls --namespace "$NAMESPACE" --cert="$CA_CRT_DIR/ca.crt" --key="$CA_KEY_DIR/ca.key" --context "$CONTEXT"
kubectl create secret generic dss.public.certs --namespace "$NAMESPACE" --from-file "$JWT_PUBLIC_CERTS_DIR" --context "$CONTEXT"

kubectl create secret tls cockroachdb.tls --namespace "$NAMESPACE" --cert="$CA_CRT_DIR/ca.crt" --key="$CA_KEY_DIR/ca.key" --context "$CONTEXT"

echo '========================================================================='
echo '= Secrets uploaded successfully. ='
echo '========================================================================='

0 comments on commit 828d575

Please sign in to comment.