Public/ubicloud
2
0
Fork 0
mirror of https://github.com/ubicloud/ubicloud.git synced 2025-10-04 05:42:15 +08:00
Code Issues Projects Releases Packages Wiki Activity
ubicloud/prog/vnet/cert_server.rb
Furkan Sahin 6eff8a8840 Start metadata-endpoint even if the Cert is not ready 
We used to wait until the very first certificate is ready until starting
the metadata-endpoint. With this commit, we immediately start the
server. Because, now, the metadata-endpoint returns a proper message
saying the certificate is not ready with the PR
https://github.com/ubicloud/metadata-endpoint/pull/5
2025-10-02 16:35:27 +02:00

45 lines
1.2 KiB
Ruby
Raw Permalink Blame History

# frozen_string_literal: true
class Prog::Vnet::CertServer < Prog::Base
subject_is :load_balancer
def vm
@vm ||= Vm[frame.fetch("vm_id")]
end
label def before_run
pop "vm is destroyed" unless vm
end
label def reshare_certificate
put_cert_to_vm
pop "certificate is reshared"
end
label def setup_cert_server
vm.vm_host.sshable.cmd("sudo host/bin/setup-cert-server setup #{vm.inhost_name}")
hop_put_certificate
end
label def put_certificate
nap 5 unless load_balancer.active_cert&.cert
put_cert_to_vm
pop "certificate server is setup"
end
label def remove_cert_server
vm.vm_host.sshable.cmd("sudo host/bin/setup-cert-server stop_and_remove #{vm.inhost_name}")
pop "certificate resources and server are removed"
end
def put_cert_to_vm
cert = load_balancer.active_cert
fail "BUG: certificate is nil" unless cert&.cert
cert_payload = cert.cert
cert_key_payload = OpenSSL::PKey::EC.new(cert.csr_key).to_pem
vm.vm_host.sshable.cmd("sudo host/bin/setup-cert-server put-certificate #{vm.inhost_name}", stdin: JSON.generate({cert_payload: cert_payload.to_s, cert_key_payload: cert_key_payload.to_s}))
end
end
Reference in a new issue View git blame Copy permalink