in CombineCaBundle use const instead of hard-coded string

shirady · Neon-White · commit 28f8f328198f · 2025-05-20T09:37:33.000+02:00
(to avoid circular dependency had to move the consts from options to util)

Signed-off-by: shirady &lt;57721533+shirady@users.noreply.github.com&gt;
Signed-off-by: Ben &lt;belimele@redhat.com&gt;
diff --git a/pkg/options/options.go b/pkg/options/options.go
@@ -48,12 +48,6 @@ const (
 
 	// SystemName is a constant as we want just a single system per namespace
 	SystemName = "noobaa"
-
-	// ServiceServingCertCAFile points to OCP default root CA list
-	ServiceServingCertCAFile = "/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt"
-
-	// InjectedBundleCertCAFile points to OCP root CA to be added to the default root CA list
-	InjectedBundleCertCAFile = "/etc/ocp-injected-ca-bundle/ca-bundle.crt"
 )
 
 // Namespace is the target namespace for locating the noobaa system
diff --git a/pkg/system/reconciler.go b/pkg/system/reconciler.go
@@ -404,9 +404,9 @@ func (r *Reconciler) Reconcile() (reconcile.Result, error) {
 		}
 	}
 
-	err = util.CombineCaBundle(options.ServiceServingCertCAFile)
+	err = util.CombineCaBundle(util.ServiceServingCertCAFile)
 	if err == nil {
-		r.ApplyCAsToPods = options.InjectedBundleCertCAFile
+		r.ApplyCAsToPods = util.InjectedBundleCertCAFile
 	} else if !os.IsNotExist(err) {
 		log.Errorf("❌ NooBaa %q failed to add root CAs to system default", r.NooBaa.Name)
 		res.RequeueAfter = 3 * time.Second
diff --git a/pkg/util/util.go b/pkg/util/util.go
@@ -84,6 +84,12 @@ const (
 
 	topologyConstraintsEnabledKubeVersion = "1.26.0"
 	trueStr                               = "true"
+
+	// ServiceServingCertCAFile points to OCP default root CA list
+	ServiceServingCertCAFile = "/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt"
+
+	// InjectedBundleCertCAFile points to OCP root CA to be added to the default root CA list
+	InjectedBundleCertCAFile = "/etc/ocp-injected-ca-bundle/ca-bundle.crt"
 )
 
 // OAuth2Endpoints holds OAuth2 endpoints information.
@@ -151,7 +157,7 @@ func CombineCaBundle(localCertFile string) error {
 	}
 
 	var certFiles = []string{
-		"/etc/ocp-injected-ca-bundle/ca-bundle.crt",
+		InjectedBundleCertCAFile,
 		localCertFile,
 	}
 

Original file line number	Diff line number	Diff line change
`@@ -404,9 +404,9 @@ func (r *Reconciler) Reconcile() (reconcile.Result, error) {`
`404`	`404`	`}`
`405`	`405`	`}`
`406`	`406`
`407`		`- err = util.CombineCaBundle(options.ServiceServingCertCAFile)`
	`407`	`+ err = util.CombineCaBundle(util.ServiceServingCertCAFile)`
`408`	`408`	`if err == nil {`
`409`		`- r.ApplyCAsToPods = options.InjectedBundleCertCAFile`
	`409`	`+ r.ApplyCAsToPods = util.InjectedBundleCertCAFile`
`410`	`410`	`} else if !os.IsNotExist(err) {`
`411`	`411`	`log.Errorf("❌ NooBaa %q failed to add root CAs to system default", r.NooBaa.Name)`
`412`	`412`	`res.RequeueAfter = 3 * time.Second`
Original file line number	Diff line number	Diff line change
`@@ -84,6 +84,12 @@ const (`
`84`	`84`
`85`	`85`	`topologyConstraintsEnabledKubeVersion = "1.26.0"`
`86`	`86`	`trueStr = "true"`
	`87`	`+`
	`88`	`+ // ServiceServingCertCAFile points to OCP default root CA list`
	`89`	`+ ServiceServingCertCAFile = "/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt"`
	`90`	`+`
	`91`	`+ // InjectedBundleCertCAFile points to OCP root CA to be added to the default root CA list`
	`92`	`+ InjectedBundleCertCAFile = "/etc/ocp-injected-ca-bundle/ca-bundle.crt"`
`87`	`93`	`)`
`88`	`94`
`89`	`95`	`// OAuth2Endpoints holds OAuth2 endpoints information.`
`@@ -151,7 +157,7 @@ func CombineCaBundle(localCertFile string) error {`
`151`	`157`	`}`
`152`	`158`
`153`	`159`	`var certFiles = []string{`
`154`		`- "/etc/ocp-injected-ca-bundle/ca-bundle.crt",`
	`160`	`+ InjectedBundleCertCAFile,`
`155`	`161`	`localCertFile,`
`156`	`162`	`}`
`157`	`163`