Remove TLS deprecated flags from flux create secret

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2026-02-06 10:55:56 +00:00 · 2024-09-27 19:54:11 +03:00
parent 3e4524b987
commit a3dbf31e87
16 changed files with 29 additions and 200 deletions
--- a/pkg/bootstrap/bootstrap_plain_git.go
+++ b/pkg/bootstrap/bootstrap_plain_git.go
@@ -229,7 +229,7 @@ func (b *PlainGitBootstrapper) ReconcileSourceSecret(ctx context.Context, option
 	}

 	// Return early if exists and no custom config is passed
-	if ok && options.Keypair == nil && len(options.CAFile) == 0 && len(options.Username+options.Password) == 0 {
+	if ok && options.Keypair == nil && len(options.CACrt) == 0 && len(options.Username+options.Password) == 0 {
 		b.logger.Successf("source secret up to date")
 		return nil
 	}
--- a/pkg/manifestgen/sourcesecret/options.go
+++ b/pkg/manifestgen/sourcesecret/options.go
@@ -75,16 +75,6 @@ type Options struct {
 	VerificationCrts    []VerificationCrt
 	TrustPolicy         []byte
 	Address             string
-
-	// Deprecated: Replaced by CACrt, but kept for backwards compatibility
-	// with deprecated TLS flags.
-	CAFile []byte
-	// Deprecated: Replaced by TLSCrt, but kept for backwards compatibility
-	// with deprecated TLS flags.
-	CertFile []byte
-	// Deprecated: Replaced by TLSKey, but kept for backwards compatibility
-	// with deprecated TLS flags.
-	KeyFile []byte
 }

 type VerificationCrt struct {
@@ -100,9 +90,6 @@ func MakeDefaultOptions() Options {
 		PrivateKeyAlgorithm: RSAPrivateKeyAlgorithm,
 		Username:            "",
 		Password:            "",
-		CAFile:              []byte{},
-		CertFile:            []byte{},
-		KeyFile:             []byte{},
 		ManifestFile:        "secret.yaml",
 		BearerToken:         "",
 	}
--- a/pkg/manifestgen/sourcesecret/sourcesecret.go
+++ b/pkg/manifestgen/sourcesecret/sourcesecret.go
@@ -162,17 +162,12 @@ func buildSecret(keypair *ssh.KeyPair, hostKey, dockerCfg []byte, options Option

 	if len(options.CACrt) != 0 {
 		secret.StringData[CACrtSecretKey] = string(options.CACrt)
-	} else if len(options.CAFile) != 0 {
-		secret.StringData[CAFileSecretKey] = string(options.CAFile)
 	}

 	if len(options.TLSCrt) != 0 && len(options.TLSKey) != 0 {
 		secret.Type = corev1.SecretTypeTLS
 		secret.StringData[TLSCrtSecretKey] = string(options.TLSCrt)
 		secret.StringData[TLSKeySecretKey] = string(options.TLSKey)
-	} else if len(options.CertFile) != 0 && len(options.KeyFile) != 0 {
-		secret.StringData[CertFileSecretKey] = string(options.CertFile)
-		secret.StringData[KeyFileSecretKey] = string(options.KeyFile)
 	}

 	if keypair != nil && len(hostKey) != 0 {