fix #1953

MAIF · Jul 25, 2024 · 21d46c3 · 21d46c3
1 parent 80f78ea
commit 21d46c3
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 3 deletions.
diff --git a/otoroshi/app/plugins/jobs/kubernetes/client.scala b/otoroshi/app/plugins/jobs/kubernetes/client.scala
@@ -108,7 +108,17 @@ class KubernetesClient(val config: KubernetesConfig, env: Env) {
 
   config.caCert.foreach { cert =>
     try {
-      val decoded = new String(Base64.getDecoder.decode(cert), StandardCharsets.UTF_8)
+      val decoded = {
+        val trimmed = cert.trim
+        if (trimmed.startsWith("-----BEGIN CERTIFICATE-----")) {
+          cert
+        } else {
+          Try(new String(Base64.getDecoder.decode(cert), StandardCharsets.UTF_8)) match {
+            case Failure(e) => cert
+            case Success(decodedCert) => decodedCert
+          }
+        }
+      }
       val caCert  = Cert.apply("kubernetes-ca-cert", decoded, "").copy(id = "kubernetes-ca-cert")
       DynamicSSLEngineProvider.certificates.find { case (k, c) =>
         c.id == "kubernetes-ca-cert"

diff --git a/otoroshi/app/plugins/jobs/kubernetes/config.scala b/otoroshi/app/plugins/jobs/kubernetes/config.scala
@@ -203,8 +203,11 @@ object KubernetesConfig {
             },
           caCert =
             (json \ "clusters").as[JsArray].value.find(v => (v \ "name").as[String] == currentContextCluster).map {
-              defaultUser =>
-                (defaultUser \ "cluster" \ "certificate-authority-data").as[String]
+              defaultUser => {
+                val base64Cert = (defaultUser \ "cluster" \ "certificate-authority-data").as[String]
+                val cert = new String(Base64.getDecoder.decode(base64Cert), StandardCharsets.UTF_8)
+                cert
+              }
             },
           namespaces = (conf \ "namespaces").asOpt[Seq[String]].filter(_.nonEmpty).getOrElse(Seq("*")),
           namespacesLabels = (conf \ "namespacesLabels").asOpt[Map[String, String]].getOrElse(Map.empty),