From 08e3c56ead51540c440bf9383be4bb2e7cafba51 Mon Sep 17 00:00:00 2001
From: Oilbeater <mengxin@alauda.io>
Date: Wed, 22 May 2024 18:29:42 +0800
Subject: [PATCH] support ctr to generate ssl certs (#4068)

Signed-off-by: oilbeater <liumengxinfly@gmail.com>
---
 dist/images/install.sh | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/dist/images/install.sh b/dist/images/install.sh
index fe2a71d658d..2bcdef15394 100755
--- a/dist/images/install.sh
+++ b/dist/images/install.sh
@@ -192,7 +192,15 @@ if [[ $ENABLE_SSL = "true" ]];then
   echo "[Step 0/6] Generate SSL key and cert"
   exist=$(kubectl get secret -n kube-system kube-ovn-tls --ignore-not-found)
   if [[ $exist == "" ]];then
-    docker run --rm -v "$PWD":/etc/ovn $REGISTRY/kube-ovn:$VERSION bash generate-ssl.sh
+    if command -v docker &> /dev/null; then
+      docker run --rm -v "$PWD":/etc/ovn $REGISTRY/kube-ovn:$VERSION bash generate-ssl.sh
+    elif command -v ctr &> /dev/null; then
+      ctr image pull $REGISTRY/kube-ovn:$VERSION
+      ctr run --rm --mount type=bind,src="$PWD",dst=/etc/ovn,options=rbind:rw $REGISTRY/kube-ovn:$VERSION 0 bash generate-ssl.sh
+    else
+      echo "ERROR: No docker or ctr found"
+      exit 1
+    fi
     kubectl create secret generic -n kube-system kube-ovn-tls --from-file=cacert=cacert.pem --from-file=cert=ovn-cert.pem --from-file=key=ovn-privkey.pem
     rm -rf cacert.pem ovn-cert.pem ovn-privkey.pem ovn-req.pem
   fi