// Source: github.com/openshift/installer@v1.4.17/pkg/asset/tls/cloudprovidercabundle.go

package tls

import (
	"context"

	"github.com/openshift/installer/pkg/asset"
	"github.com/openshift/installer/pkg/asset/installconfig"
	awstypes "github.com/openshift/installer/pkg/types/aws"
)

// CloudProviderCABundle is the asset that generates the CA bundle for
// trusting communication with the cloud provider. This bundle is used
// by the machine-config-operator on the bootstrap node.
//
// File stays nil unless Generate decides a bundle is needed, so callers
// must treat a nil File as "no bundle".
type CloudProviderCABundle struct {
	File *asset.File
}

// Compile-time check that the asset satisfies asset.WritableAsset.
var _ asset.WritableAsset = (*CloudProviderCABundle)(nil)

// Dependencies returns the assets this bundle is derived from: only the
// install config.
func (a *CloudProviderCABundle) Dependencies() []asset.Asset {
	parents := []asset.Asset{&installconfig.InstallConfig{}}
	return parents
}

// Generate populates a.File with the install config's AdditionalTrustBundle
// when, and only when, all of the following hold:
//
//   - AdditionalTrustBundle is non-empty,
//   - the platform name equals awstypes.Name,
//   - awstypes.IsSecretRegion accepts the configured AWS region.
//
// In every other case it returns nil and leaves a.File untouched.
//
// The bundle text is copied byte-for-byte into the file. Nothing in this
// function parses or validates it as PEM, so whatever the install config
// carries becomes the trust anchors written to cloud-ca-cert.pem.
// NOTE(review): presumably the bundle is validated when the install config
// is loaded; confirm against the installconfig validation code.
func (a *CloudProviderCABundle) Generate(_ context.Context, deps asset.Parents) error {
	installConfig := &installconfig.InstallConfig{}
	deps.Get(installConfig)

	cfg := installConfig.Config
	trustBundle := cfg.AdditionalTrustBundle

	// The cases are evaluated in order, so the AWS platform fields are only
	// read once the platform name has been confirmed to be AWS.
	switch {
	case trustBundle == "":
		return nil
	case cfg.Platform.Name() != awstypes.Name:
		return nil
	case !awstypes.IsSecretRegion(cfg.Platform.AWS.Region):
		return nil
	}

	bundleFile := &asset.File{
		Filename: assetFilePath("cloud-ca-cert.pem"),
		Data:     []byte(trustBundle),
	}
	a.File = bundleFile

	return nil
}

// Name returns the human-friendly name of the asset.
func (a *CloudProviderCABundle) Name() string {
	const displayName = "Cloud Provider CA Bundle"
	return displayName
}

// Files returns the single generated file, or nil when Generate did not
// produce a bundle.
func (a *CloudProviderCABundle) Files() []*asset.File {
	if a.File != nil {
		return []*asset.File{a.File}
	}
	return nil
}

// Load is a no-op because TLS assets are not written to disk. It always
// reports that nothing was loaded and returns no error.
func (a *CloudProviderCABundle) Load(asset.FileFetcher) (bool, error) {
	return false, nil
}