Allow custom CA certificate when flag --api-server is specified (#4807)
This commit is contained in:
Manuel Alejandro de Brito Fontes
GitHub
parent
833d0e98a3
commit
19d596b72b
4 changed files with 30 additions and 5 deletions
|
|
@ -44,6 +44,10 @@ func parseFlags() (bool, *controller.Configuration, error) {
|
|||
Takes the form "protocol://address:port". If not specified, it is assumed the
|
||||
program runs inside a Kubernetes cluster and local discovery is attempted.`)
|
||||
|
||||
rootCAFile = flags.String("certificate-authority", "",
|
||||
`Path to a cert file for the certificate authority. This certificate is used
|
||||
only when the flag --apiserver-host is specified.`)
|
||||
|
||||
kubeConfigFile = flags.String("kubeconfig", "",
|
||||
`Path to a kubeconfig file containing authorization and API server information.`)
|
||||
|
||||
|
|
@ -289,5 +293,9 @@ Takes the form "<host>:port". If not provided, no admission controller is starte
|
|||
ValidationWebhookKeyPath: *validationWebhookKey,
|
||||
}
|
||||
|
||||
if *apiserverHost != "" {
|
||||
config.RootCAFile = *rootCAFile
|
||||
}
|
||||
|
||||
return false, config, nil
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue