Have kops-controller authorize droplet names instead of IPs

rifelpet · Oct 5, 2023 · 7a37a36 · 7a37a36
1 parent a2ac9d3
commit 7a37a36
Showing 1 changed file with 1 addition and 9 deletions.
diff --git a/upup/pkg/fi/cloudup/do/verifier.go b/upup/pkg/fi/cloudup/do/verifier.go
@@ -98,20 +98,12 @@ func (o digitalOceanVerifier) VerifyToken(ctx context.Context, rawRequest *http.
 
 	// The node challenge is important here though, verifying the caller has control of the IP address.
 
-	nodeName := ""
-	if len(addresses) == 0 {
-		// Name seems a better default than the first IP, but we have to match what other components are expecting
-		nodeName = droplet.Name
-	} else {
-		nodeName = addresses[0]
-	}
-
 	if len(challengeEndpoints) == 0 {
 		return nil, fmt.Errorf("cannot determine challenge endpoint for server %q", serverID)
 	}
 
 	result := &bootstrap.VerifyResult{
-		NodeName:          nodeName,
+		NodeName:          droplet.Name,
 		CertificateNames:  addresses,
 		ChallengeEndpoint: challengeEndpoints[0],
 	}