fold run-proxy.sh funtionality into proxy-dentity

A docker image with a shell is required to run the identity helper The logic for the identity helper shell script docker entry point has been moved into proxy-identity/main.go and the docker file has been updated to reflect the removal of the run-proxy.sh script none Fixes linkerd#6172 Signed-off-by: Taylor Skinner <tskinn12@gmail.com>
tskinn · Jun 5, 2021 · 49cce23 · 49cce23
1 parent 7af97e6
commit 49cce23
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 22 deletions.
diff --git a/Dockerfile-proxy b/Dockerfile-proxy
@@ -38,9 +38,8 @@ COPY --from=fetch /build/proxy-version /usr/lib/linkerd/linkerd2-proxy-version.t
 COPY --from=fetch /build/linkerd2-proxy /usr/lib/linkerd/linkerd2-proxy
 COPY --from=fetch /build/linkerd-await /usr/lib/linkerd/linkerd-await
 COPY --from=golang /out/proxy-identity /usr/lib/linkerd/linkerd2-proxy-identity
-COPY proxy-identity/run-proxy.sh /usr/bin/linkerd2-proxy-run
 ARG LINKERD_VERSION
 ENV LINKERD_CONTAINER_VERSION_OVERRIDE=${LINKERD_VERSION}
 ENV LINKERD2_PROXY_LOG=warn,linkerd=info
 ENV LINKERD2_PROXY_LOG_FORMAT=plain
-ENTRYPOINT ["/usr/bin/linkerd2-proxy-run"]
+ENTRYPOINT ["/usr/lib/linkerd/linkerd2-proxy-identity"]
diff --git a/proxy-identity/main.go b/proxy-identity/main.go
@@ -6,13 +6,12 @@ import (
 	"crypto/x509"
 	"crypto/x509/pkix"
 	"errors"
-	"flag"
 	"fmt"
 	"io/ioutil"
 	"os"
+	"os/exec"
 	"path/filepath"
 
-	"github.com/linkerd/linkerd2/pkg/flags"
 	"github.com/linkerd/linkerd2/pkg/tls"
 	log "github.com/sirupsen/logrus"
 )
@@ -23,19 +22,17 @@ const (
 )
 
 func main() {
-	cmd := flag.NewFlagSet("public-api", flag.ExitOnError)
+	defer runProxy()
 
-	name := cmd.String("name", "", "identity name")
-	dir := cmd.String("dir", "", "directory under which credentials are written")
-
-	flags.ConfigureAndParse(cmd, os.Args[1:])
+	name := os.Getenv("LINKERD2_PROXY_IDENTITY_LOCAL_NAME")
+	dir := os.Getenv("LINKERD2_PROXY_IDENTITY_DIR")
 
 	if os.Getenv(envDisabled) != "" {
 		log.Debug("Identity disabled.")
-		os.Exit(0)
+		return
 	}
 
-	keyPath, csrPath, err := checkEndEntityDir(*dir)
+	keyPath, csrPath, err := checkEndEntityDir(dir)
 	if err != nil {
 		log.Fatalf("Invalid end-entity directory: %s", err)
 	}
@@ -49,7 +46,7 @@ func main() {
 		log.Fatal(err.Error())
 	}
 
-	if _, err := generateAndStoreCSR(csrPath, *name, key); err != nil {
+	if _, err := generateAndStoreCSR(csrPath, name, key); err != nil {
 		log.Fatal(err.Error())
 	}
 }
@@ -146,3 +143,12 @@ func generateAndStoreCSR(p, id string, key *ecdsa.PrivateKey) ([]byte, error) {
 
 	return csrb, nil
 }
+
+func runProxy() {
+	cmd := exec.Command("/usr/lib/linkerd/linkerd2-proxy")
+	cmd.Stdout, cmd.Stderr = os.Stdout, os.Stderr
+	err := cmd.Run()
+	if err != nil {
+		log.Fatalf("Failed to run proxy: %s", err)
+	}
+}
diff --git a/proxy-identity/run-proxy.sh b/proxy-identity/run-proxy.sh