prodvider: fix build after k8s update, add to CI presubmit
Change-Id: I5a3794541853abd1fb16e67e285edfa29c2f5cf7
diff --git a/cluster/prodvider/hspki.go b/cluster/prodvider/hspki.go
index e747889..fabf84d 100644
--- a/cluster/prodvider/hspki.go
+++ b/cluster/prodvider/hspki.go
@@ -1,6 +1,7 @@
package main
import (
+ "context"
"encoding/pem"
"fmt"
"time"
@@ -17,7 +18,7 @@
// hspkiSigner returns a cfssl signer (CA) for HSPKI, by loading the CA
// cert/key from Kubernetes.
-func (p *prodvider) hspkiSigner() (*local.Signer, error) {
+func (p *prodvider) hspkiSigner(ctx context.Context) (*local.Signer, error) {
policy := &config.Signing{
Profiles: map[string]*config.SigningProfile{
"client-server": &config.SigningProfile{
@@ -28,7 +29,7 @@
Default: config.DefaultConfig(),
}
- secret, err := p.k8s.CoreV1().Secrets("cert-manager").Get("pki-selfsigned-cert", metav1.GetOptions{})
+ secret, err := p.k8s.CoreV1().Secrets("cert-manager").Get(ctx, "pki-selfsigned-cert", metav1.GetOptions{})
if err != nil {
return nil, fmt.Errorf("hspki secret get failed: %w", err)
}
@@ -48,10 +49,10 @@
// hspkiCreds returns a HSPKI certificate/key for an SSO user. The returned
// certificate is valida for both server and client usage.
-func (p *prodvider) hspkiCreds(username string) (*pb.HSPKIKeys, error) {
+func (p *prodvider) hspkiCreds(ctx context.Context, username string) (*pb.HSPKIKeys, error) {
principal := fmt.Sprintf("%s.sso.hswaw.net", username)
- s, err := p.hspkiSigner()
+ s, err := p.hspkiSigner(ctx)
if err != nil {
return nil, fmt.Errorf("hspkiSigner: %w", err)
}