💄 remove the android path of the cert locations

Signed-off-by: Matthias Wessendorf <[email protected]>
tektoncd · Nov 29, 2023 · 83e60c4 · 83e60c4
1 parent 551c39f
commit 83e60c4
Show file tree

Hide file tree

Showing 4 changed files with 6 additions and 7 deletions.
diff --git a/pkg/reconciler/common/certificates.go b/pkg/reconciler/common/certificates.go
@@ -119,10 +119,9 @@ func AddCABundlesToContainerVolumes(c *corev1.Container) {
 		var certDirectories = []string{
 			// Ordering is important here - we will be using the "first"
 			// element in SSL_CERT_DIR to do the volume mounts.
-			sslCertDir,                     // /tekton-custom-certs
-			"/etc/ssl/certs",               // SLES10/SLES11, https://golang.org/issue/12139
-			"/etc/pki/tls/certs",           // Fedora/RHEL
-			"/system/etc/security/cacerts", // Android
+			sslCertDir,           // /tekton-custom-certs
+			"/etc/ssl/certs",     // SLES10/SLES11, https://golang.org/issue/12139
+			"/etc/pki/tls/certs", // Fedora/RHEL
 		}
 
 		// SSL_CERT_DIR accepts a colon separated list of directories

diff --git a/pkg/reconciler/common/certificates_test.go b/pkg/reconciler/common/certificates_test.go
@@ -194,7 +194,7 @@ func TestAddCABundlesToContainerVolumes(t *testing.T) {
 		expected *corev1.Container
 	}
 
-	defaultSSLCertDir := "/tekton-custom-certs:/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts"
+	defaultSSLCertDir := "/tekton-custom-certs:/etc/ssl/certs:/etc/pki/tls/certs"
 
 	tests := []testStructure{
 		{

diff --git a/pkg/reconciler/openshift/common/cabundle_test.go b/pkg/reconciler/openshift/common/cabundle_test.go
@@ -37,7 +37,7 @@ func TestApplyCABundles(t *testing.T) {
 		withEnvs(
 			corev1.EnvVar{
 				Name:  "SSL_CERT_DIR",
-				Value: "/tekton-custom-certs:/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts",
+				Value: "/tekton-custom-certs:/etc/ssl/certs:/etc/pki/tls/certs",
 			},
 		),
 		withVolumes(corev1.Volume{

diff --git a/pkg/reconciler/proxy/proxy_test.go b/pkg/reconciler/proxy/proxy_test.go
@@ -38,7 +38,7 @@ func TestUpdateVolume(t *testing.T) {
 	podUpdated := updateVolume(pod)
 	assert.DeepEqual(t, len(podUpdated.Spec.Containers[0].Env), 1)
 	assert.DeepEqual(t, podUpdated.Spec.Containers[0].Env[0].Name, "SSL_CERT_DIR")
-	assert.DeepEqual(t, podUpdated.Spec.Containers[0].Env[0].Value, "/tekton-custom-certs:/etc/ssl/certs:/etc/pki/tls/certs:/system/etc/security/cacerts")
+	assert.DeepEqual(t, podUpdated.Spec.Containers[0].Env[0].Value, "/tekton-custom-certs:/etc/ssl/certs:/etc/pki/tls/certs")
 
 	assert.DeepEqual(t, len(podUpdated.Spec.Volumes), 2)
 	assert.DeepEqual(t, podUpdated.Spec.Volumes[0].Name, "config-trusted-cabundle-volume")