Skip to content

Commit

Permalink
delete the hail root cert if it is already expired
Browse files Browse the repository at this point in the history
  • Loading branch information
@daniel-goldstein
daniel-goldstein committed Jun 9, 2023
1 parent 384e389 commit b0dd11e
Showing 1 changed file with 14 additions and 0 deletions.
14 changes: 14 additions & 0 deletions build.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -198,6 +198,20 @@ steps:
image:
valueFrom: create_certs_image.image
script: |
{% if not deploy %}
{% raw %}
kubectl get secret ssl-config-hail-root --template='{{index .data "hail-root-cert.pem"}}' \
| base64 --decode \
| openssl x509 -checkend 0 -noout -in -
{% endraw %}
if [ "$?" -ne 0 ]
then
kubectl delete secret -n {{ default_ns.name }} ssl-config-hail-root
fi
{% endif %}
openssl req -new -x509 -subj /CN=hail-root -nodes -newkey rsa:4096 -keyout hail-root-key.pem -out hail-root-cert.pem
until kubectl get secret -n {{ default_ns.name }} ssl-config-hail-root
do
Expand Down

0 comments on commit b0dd11e

Please sign in to comment.