From 88ebbd493907e171e89705faf1a851413d214d91 Mon Sep 17 00:00:00 2001 From: Adam King Date: Thu, 8 Feb 2024 08:23:37 -0500 Subject: [PATCH] mgr/cephadm: move ingress cert to cert store In an effort to try and organize our cert handling and provide cert management features in the future Signed-off-by: Adam King (cherry picked from commit 621f2e036c6bd4acb2f551fab94421d4e4788c97) --- src/pybind/mgr/cephadm/inventory.py | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/src/pybind/mgr/cephadm/inventory.py b/src/pybind/mgr/cephadm/inventory.py index a45ce13a5382d..f7d33d6d1ae66 100644 --- a/src/pybind/mgr/cephadm/inventory.py +++ b/src/pybind/mgr/cephadm/inventory.py @@ -376,6 +376,20 @@ class SpecStore(): iscsi_spec.ssl_key, service_name=iscsi_spec.service_name(), user_made=True) + elif spec.service_type == 'ingress': + ingress_spec = cast(IngressSpec, spec) + if ingress_spec.ssl_cert: + self.mgr.cert_key_store.save_cert( + 'ingress_ssl_cert', + ingress_spec.ssl_cert, + service_name=ingress_spec.service_name(), + user_made=True) + if ingress_spec.ssl_key: + self.mgr.cert_key_store.save_key( + 'ingress_ssl_key', + ingress_spec.ssl_key, + service_name=ingress_spec.service_name(), + user_made=True) def rm(self, service_name: str) -> bool: if service_name not in self._specs: @@ -411,6 +425,9 @@ class SpecStore(): if spec.service_type == 'iscsi': self.mgr.cert_key_store.rm_cert('iscsi_ssl_cert', service_name=spec.service_name()) self.mgr.cert_key_store.rm_key('iscsi_ssl_key', service_name=spec.service_name()) + if spec.service_type == 'ingress': + self.mgr.cert_key_store.rm_cert('ingress_ssl_cert', service_name=spec.service_name()) + self.mgr.cert_key_store.rm_key('ingress_ssl_key', service_name=spec.service_name()) def get_created(self, spec: ServiceSpec) -> Optional[datetime.datetime]: return self.spec_created.get(spec.service_name()) -- 2.39.5