diff --git a/internal/deployer/k8s_secret.go b/internal/deployer/k8s_secret.go
index 37063ef6..89789269 100644
--- a/internal/deployer/k8s_secret.go
+++ b/internal/deployer/k8s_secret.go
@@ -2,11 +2,8 @@ package deployer
 
 import (
 "context"
- "crypto/x509"
 "encoding/json"
- "encoding/pem"
 "fmt"
- "strings"
 
 corev1 "k8s.io/api/core/v1"
 
@@ -15,6 +12,7 @@ import (
 "k8s.io/client-go/tools/clientcmd"
 
 "github.com/usual2970/certimate/internal/domain"
+ "github.com/usual2970/certimate/internal/pkg/utils/x509"
 )
 
 type K8sSecretDeployer struct {
@@ -69,13 +67,10 @@ func (d *K8sSecretDeployer) Deploy(ctx context.Context) error {
 if secretDataKeyForKey == "" {
 namespace = "tls.key"
 }
- block, _ := pem.Decode([]byte(d.option.Certificate.Certificate))
- if block == nil {
- return fmt.Errorf("failed to parse certificate PEM")
- }
- cert, err := x509.ParseCertificate(block.Bytes)
+
+ certificate, err := x509.ParseCertificateFromPEM(d.option.Certificate.Certificate)
 if err != nil {
- return fmt.Errorf("failed to parse certificate: " + err.Error())
+ return fmt.Errorf("failed to parse certificate: %w", err)
 }
 
 secretPayload := corev1.Secret{
@@ -87,9 +82,9 @@ func (d *K8sSecretDeployer) Deploy(ctx context.Context) error {
 Name: secretName,
 Annotations: map[string]string{
 "certimate/domains": d.option.Domain,
- "certimate/alt-names": strings.Join(cert.DNSNames, ","),
- "certimate/common-name": cert.Subject.CommonName,
- "certimate/issuer-organization": strings.Join(cert.Issuer.Organization, ","),
+ "certimate/alt-names": strings.Join(certificate.DNSNames, ","),
+ "certimate/common-name": certificate.Subject.CommonName,
+ "certimate/issuer-organization": strings.Join(certificate.Issuer.Organization, ","),
 },
 },
 Type: corev1.SecretType("kubernetes.io/tls"),
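Review bot: The `"strings"` import is removed in this import hunk, but the new side of the hunk at `@@ -87,9 +82,9 @@` still calls `strings.Join(certificate.DNSNames, ",")` and `strings.Join(certificate.Issuer.Organization, ",")`. Unless `strings` is imported on one of the import lines that fall between the two visible import hunks, the file will fail to build with an undefined `strings`. Keep `"strings"` in the standard-library group and drop only `"crypto/x509"` and `"encoding/pem"`.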
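Review bot: The project helper package is imported under its default name `x509`, the identifier readers associate with the standard library's `crypto/x509`, so `x509.ParseCertificateFromPEM` in `Deploy` reads like a stdlib call. An explicit alias makes the origin clear at the call site, for example `certutil "github.com/usual2970/certimate/internal/pkg/utils/x509"` with the call written as `certutil.ParseCertificateFromPEM(...)`. This is a point of style only; the behaviour is the same.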
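Review bot: The unchanged guard at the top of this hunk, `if secretDataKeyForKey == "" { namespace = "tls.key" }`, assigns the default to `namespace` instead of `secretDataKeyForKey`, and the commit leaves it in place. When the key name is unset, the private key would presumably be stored under an empty data key and the Secret written to a namespace named `tls.key`; the assignment should read `secretDataKeyForKey = "tls.key"`. On the new parsing line, `d.option.Certificate.Certificate` may hold a full chain, and the helper is not visible here, so a short comment such as `// annotations describe the leaf certificate (first PEM block)` would record the assumption once it is confirmed. `Deploy` starts and ends outside this hunk.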