From 64807416b71958e31156ef7a50e169813acc4e15 Mon Sep 17 00:00:00 2001
From: Pete Birley <pete@port.direct>
Date: Fri, 6 Dec 2019 14:16:33 -0600
Subject: [PATCH] Probes: Ensure newline between key and cert in probe concat

This PS ensures there is a newline present between the cert and its
key when concatenating them together.

Change-Id: I72319c1a415d683f19ff8f96060eb39bbec34b75
Signed-off-by: Pete Birley <pete@port.direct>
---
 charts/apiserver/templates/daemonset.yaml                     | 2 +-
 charts/apiserver/templates/etc/_kubernetes-apiserver.yaml.tpl | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/charts/apiserver/templates/daemonset.yaml b/charts/apiserver/templates/daemonset.yaml
index 6c55f543..d2bd5ac0 100644
--- a/charts/apiserver/templates/daemonset.yaml
+++ b/charts/apiserver/templates/daemonset.yaml
@@ -82,7 +82,7 @@ spec:
               - -c
               - |-
                 if [ ! -f /host{{ .Values.apiserver.host_etc_path }}/pki/apiserver-both.pem ]; then
-                  cat /host{{ .Values.apiserver.host_etc_path }}/pki/apiserver-key.pem /host{{ .Values.apiserver.host_etc_path }}/pki/apiserver.pem > /host{{ .Values.apiserver.host_etc_path }}/pki/apiserver-both.pem
+                  cat /host{{ .Values.apiserver.host_etc_path }}/pki/apiserver-key.pem <(echo) /host{{ .Values.apiserver.host_etc_path }}/pki/apiserver.pem > /host{{ .Values.apiserver.host_etc_path }}/pki/apiserver-both.pem
                 fi
                 echo -e 'GET /healthz HTTP/1.0\r\n' | socat - openssl:localhost:{{ .Values.network.kubernetes_apiserver.port }},cert=/host{{ .Values.apiserver.host_etc_path }}/pki/apiserver-both.pem,cafile=/host{{ .Values.apiserver.host_etc_path }}/pki/cluster-ca.pem | grep '200 OK'
                 exit $?
diff --git a/charts/apiserver/templates/etc/_kubernetes-apiserver.yaml.tpl b/charts/apiserver/templates/etc/_kubernetes-apiserver.yaml.tpl
index 958d45c7..b0cfc2d1 100644
--- a/charts/apiserver/templates/etc/_kubernetes-apiserver.yaml.tpl
+++ b/charts/apiserver/templates/etc/_kubernetes-apiserver.yaml.tpl
@@ -104,7 +104,7 @@ spec:
           - -c
           - |-
             if [ ! -f /etc/kubernetes/apiserver/pki/apiserver-both.pem ]; then
-              cat /etc/kubernetes/apiserver/pki/apiserver-key.pem /etc/kubernetes/apiserver/pki/apiserver.pem > /etc/kubernetes/apiserver/pki/apiserver-both.pem
+              cat /etc/kubernetes/apiserver/pki/apiserver-key.pem <(echo) /etc/kubernetes/apiserver/pki/apiserver.pem > /etc/kubernetes/apiserver/pki/apiserver-both.pem
             fi
             echo -e 'GET /healthz HTTP/1.0\r\n' | socat - openssl:localhost:{{ .Values.network.kubernetes_apiserver.port }},cert=/etc/kubernetes/apiserver/pki/apiserver-both.pem,cafile=/etc/kubernetes/apiserver/pki/cluster-ca.pem | grep '200 OK'
             exit $?