From 2bfdd62cf3663742a2606f1396332e7a461b560c Mon Sep 17 00:00:00 2001 From: pjuarezd Date: Fri, 24 May 2024 11:09:09 -0700 Subject: [PATCH] typecast check Signed-off-by: pjuarezd --- pkg/controller/main-controller.go | 4 +++- pkg/controller/operator.go | 8 ++++---- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/pkg/controller/main-controller.go b/pkg/controller/main-controller.go index 7f5d67059e8..c45df40ae26 100644 --- a/pkg/controller/main-controller.go +++ b/pkg/controller/main-controller.go @@ -1416,7 +1416,9 @@ func (c *Controller) handleSecret(obj interface{}, oldObj interface{}) { klog.Infof("Secret '%s/%s' changed", secret.Namespace, secret.Name) var oldSecret *corev1.Secret if oldObj != nil { - oldSecret = oldObj.(*corev1.Secret) + if oldCasted, ok := oldObj.(*corev1.Secret); ok { + oldObj = oldCasted + } } // Add new certificates to Transport Certs if any changed if !c.TrustTLSCertificatesInSecretIfChanged(secret, oldSecret) { diff --git a/pkg/controller/operator.go b/pkg/controller/operator.go index 43e197c6174..cb5cd042e08 100644 --- a/pkg/controller/operator.go +++ b/pkg/controller/operator.go @@ -252,12 +252,12 @@ func (c *Controller) trustIfChanged(newSecret *corev1.Secret, oldSecret *corev1. klog.Errorf("Failed adding certs in field '%s' of '%s/%s' secret: %v", fieldToCompare, newSecret.Namespace, newSecret.Name, err) } } else { - // If filed was not present in old secret but is in new secret then is an addition, we trust it + // If field was not present in old secret but is in new secret then is an addition, we trust it if err := c.addTLSCertificatesToTrustInTransport(newPublicCert); err == nil { klog.Infof("Added certificates in field '%s' of '%s/%s' secret to trusted RootCA's", fieldToCompare, newSecret.Namespace, newSecret.Name) return true } - klog.Errorf("Failed adding certs in field %s of '%s/%s' secret: %v", fieldToCompare, newSecret.Namespace, newSecret.Name, err) + klog.Errorf("Failed adding certificates in field %s of '%s/%s' secret: %v", fieldToCompare, newSecret.Namespace, newSecret.Name, err) } } return false @@ -270,7 +270,7 @@ func (c *Controller) trustPEMInSecretField(secret *corev1.Secret, fieldToCompare klog.Infof("Added certificates in field '%s' of '%s/%s' secret to trusted RootCA's", fieldToCompare, secret.Namespace, secret.Name) return true } - klog.Errorf("Failed adding certs in field '%s' of '%s/%s' secret: %v", fieldToCompare, secret.Namespace, secret.Name, err) + klog.Errorf("Failed adding certificates in field '%s' of '%s/%s' secret: %v", fieldToCompare, secret.Namespace, secret.Name, err) } return false } @@ -278,7 +278,7 @@ func (c *Controller) trustPEMInSecretField(secret *corev1.Secret, fieldToCompare func (c *Controller) addTLSCertificatesToTrustInTransport(certificateData []byte) error { var x509Certs []*x509.Certificate current := certificateData - // A single PEM file could contain more than one certificate, keeping track of the index to help debugging + // A single PEM file could contain more than one certificates, keeping track of the index to help debugging certIndex := 1 for len(current) > 0 { var pemBlock *pem.Block