search

joe-elliott / cert-exporter

A Prometheus exporter that publishes cert expirations on disk and in Kubernetes secrets
Apache License 2.0
313 stars 88 forks source link

upgrading go mod to use new kubernetes versions #130

Closed Bryce-Soghigian closed 1 year ago

Bryce-Soghigian commented 1 year ago

129 To see why this is required.

joe-elliott commented 1 year ago

CI is currently failing with:

E0103 15:33:56.180635   18506 periodicCertChecker.go:48] Error on certs/bundle_pfx.crt: failed to parse as pem and pkcs12: pkcs12: unknown digest algorithm: 2.16.840.1.101.3.4.2.1

but that same error is being returned on this simple PR so I don't think it has anything to do with your changes. https://github.com/joe-elliott/cert-exporter/pull/128

I'm unable to reproduce this locally. This is the line creating the bundle_pfx.crt file:

https://github.com/joe-elliott/cert-exporter/blob/master/test/files/genCerts.sh#L45

Unsure what exactly is failing here, but I think it's unrelated to these changes. I will attempt to diagnose as I have time, but encourage anyone with some spare cycles to take a look if they have a chance as well.

The referenced digest algorithm is sha256? https://oidref.com/2.16.840.1.101.3.4.2.1 which apparently the go package doesn't support? Perhaps we can just adjust the parameters to openssl to use a different algorithm so CI will pass.

joe-elliott commented 1 year ago

Ok, switching to a different pkcs12 dependency fixed the issue. Feel free to rebase or merge and then CI should pass. Thanks for this update!

Bryce-Soghigian commented 1 year ago

@joe-elliott I have successfully rebased Thanks for your prompt response!

joe-elliott commented 1 year ago

Thanks!