fix adding users who supply their own key

adduser.sh

@@ -0,0 +1,2 @@
+kubectl config set-credentials $USER --client-certificate=$HOME/.kube/users/$USER/$USER.crt  --client-key=$HOME/.kube/users/$USER/$USER.key
+kubectl config set-context $USER --cluster=mainframe --namespace=kube-system --user=$USER

certsigner/pod.yaml

@@ -17,15 +17,15 @@ spec:
         memory: 100Mi
         cpu: 100m
     volumeMounts:
-      - mountPath: /certs
-        name: certs
       - mountPath: /keys
         name: keys
+      - mountPath: /certs
+        name: certs
   volumes:
-    - name: certs
-      persistentVolumeClaim:
-        claimName: certsigner-certs
     - name: keys
       secret:
-        secretName: certsigner
+        secretName: certs
+    - name: certs
+      emptyDir: {}
+
   restartPolicy: Always

certsigner/pvc.yaml

@@ -1,11 +0,0 @@
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: certsigner-certs
-  namespace: kube-system
-spec:
-  accessModes:
-    - ReadWriteOnce
-  resources:
-    requests:
-      storage: 1Gi

createuserspace.sh

@@ -5,5 +5,3 @@ helm template $USER ./namespace | kubectl --context admin apply -f -
 kubectl --context admin cp $HOME/.kube/users/$USER/$USER.csr certsigner:/certs/$USER.csr
 kubectl --context admin exec --context admin certsigner -- openssl x509 -in /certs/$USER.csr -req -CA /keys/client-ca.crt -CAkey /keys/client-ca.key -set_serial $(python -c "import random; print(random.randint(1000000000, 9999999999))") -out /certs/$USER.crt -days 5000
 kubectl --context admin cp certsigner:/certs/$USER.crt $HOME/.kube/users/$USER/$USER.crt
-kubectl config set-credentials $USER --client-certificate=$HOME/.kube/users/$USER/$USER.crt  --client-key=$HOME/.kube/users/$USER/$USER.key
-kubectl config set-context $USER --cluster=mainframe --namespace=kube-system --user=$USER