adds support for CDP to selfsigned issuer

Signed-off-by: srBraun <dev@skra.space>
2020-03-02 11:50:09 +01:00 · 2020-03-02 11:50:09 +01:00 · 04bfddefc3
commit 04bfddefc3
parent 672f7654a7
12 changed files with 53 additions and 6 deletions
--- a/deploy/charts/cert-manager/crds/clusterissuers.yaml
+++ b/deploy/charts/cert-manager/crds/clusterissuers.yaml
@ -1531,6 +1531,11 @@ spec:
                  type: string
            selfSigned:
              type: object
+              properties:
+                crlDistributionPoints:
+                  type: array
+                  items:
+                    type: string
            vault:
              type: object
              required:
--- a/deploy/charts/cert-manager/crds/issuers.yaml
+++ b/deploy/charts/cert-manager/crds/issuers.yaml
@ -1531,6 +1531,11 @@ spec:
                  type: string
            selfSigned:
              type: object
+              properties:
+                crlDistributionPoints:
+                  type: array
+                  items:
+                    type: string
            vault:
              type: object
              required:
--- a/deploy/manifests/00-crds.yaml
+++ b/deploy/manifests/00-crds.yaml
@ -3681,6 +3681,11 @@ spec:
                  type: string
            selfSigned:
              type: object
+              properties:
+                crlDistributionPoints:
+                  type: array
+                  items:
+                    type: string
            vault:
              type: object
              required:
@ -5435,6 +5440,11 @@ spec:
                  type: string
            selfSigned:
              type: object
+              properties:
+                crlDistributionPoints:
+                  type: array
+                  items:
+                    type: string
            vault:
              type: object
              required:
--- a/pkg/apis/certmanager/v1alpha2/types_issuer.go
+++ b/pkg/apis/certmanager/v1alpha2/types_issuer.go
@ -147,7 +147,9 @@ type VenafiCloud struct {
 	APITokenSecretRef cmmeta.SecretKeySelector `json:"apiTokenSecretRef"`
 }

-type SelfSignedIssuer struct{}
+type SelfSignedIssuer struct {
+	CRLDistributionPoints []string `json:"crlDistributionPoints,omitempty"`
+}

 type VaultIssuer struct {
 	// Vault authentication
--- a/pkg/apis/certmanager/v1alpha2/zz_generated.deepcopy.go
+++ b/pkg/apis/certmanager/v1alpha2/zz_generated.deepcopy.go
@ -492,7 +492,7 @@ func (in *IssuerConfig) DeepCopyInto(out *IssuerConfig) {
 	if in.SelfSigned != nil {
 		in, out := &in.SelfSigned, &out.SelfSigned
 		*out = new(SelfSignedIssuer)
-		**out = **in
+		(*in).DeepCopyInto(*out)
 	}
 	if in.Venafi != nil {
 		in, out := &in.Venafi, &out.Venafi
@ -593,6 +593,11 @@ func (in *IssuerStatus) DeepCopy() *IssuerStatus {
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *SelfSignedIssuer) DeepCopyInto(out *SelfSignedIssuer) {
 	*out = *in
+	if in.CRLDistributionPoints != nil {
+		in, out := &in.CRLDistributionPoints, &out.CRLDistributionPoints
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
 	return
 }

--- a/pkg/apis/certmanager/v1alpha3/types_issuer.go
+++ b/pkg/apis/certmanager/v1alpha3/types_issuer.go
@ -147,7 +147,9 @@ type VenafiCloud struct {
 	APITokenSecretRef cmmeta.SecretKeySelector `json:"apiTokenSecretRef"`
 }

-type SelfSignedIssuer struct{}
+type SelfSignedIssuer struct {
+	CRLDistributionPoints []string `json:"crlDistributionPoints,omitempty"`
+}

 type VaultIssuer struct {
 	// Vault authentication
--- a/pkg/apis/certmanager/v1alpha3/zz_generated.deepcopy.go
+++ b/pkg/apis/certmanager/v1alpha3/zz_generated.deepcopy.go
@ -487,7 +487,7 @@ func (in *IssuerConfig) DeepCopyInto(out *IssuerConfig) {
 	if in.SelfSigned != nil {
 		in, out := &in.SelfSigned, &out.SelfSigned
 		*out = new(SelfSignedIssuer)
-		**out = **in
+		(*in).DeepCopyInto(*out)
 	}
 	if in.Venafi != nil {
 		in, out := &in.Venafi, &out.Venafi
@ -588,6 +588,11 @@ func (in *IssuerStatus) DeepCopy() *IssuerStatus {
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *SelfSignedIssuer) DeepCopyInto(out *SelfSignedIssuer) {
 	*out = *in
+	if in.CRLDistributionPoints != nil {
+		in, out := &in.CRLDistributionPoints, &out.CRLDistributionPoints
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
 	return
 }

--- a/pkg/controller/certificaterequests/selfsigned/selfsigned.go
+++ b/pkg/controller/certificaterequests/selfsigned/selfsigned.go
@ -125,6 +125,8 @@ func (s *SelfSigned) Sign(ctx context.Context, cr *cmapi.CertificateRequest, iss
 		return nil, nil
 	}

+	template.CRLDistributionPoints = issuerObj.GetSpec().SelfSigned.CRLDistributionPoints
+
 	// extract the public component of the key
 	publickey, err := pki.PublicKeyForPrivateKey(privatekey)
 	if err != nil {
--- a/pkg/internal/apis/certmanager/types_issuer.go
+++ b/pkg/internal/apis/certmanager/types_issuer.go
@ -126,7 +126,9 @@ type VenafiCloud struct {
 	APITokenSecretRef cmmeta.SecretKeySelector
 }

-type SelfSignedIssuer struct{}
+type SelfSignedIssuer struct {
+	CRLDistributionPoints []string `json:"crlDistributionPoints,omitempty"`
+}

 type VaultIssuer struct {
 	// Vault authentication
--- a/pkg/internal/apis/certmanager/v1alpha2/zz_generated.conversion.go
+++ b/pkg/internal/apis/certmanager/v1alpha2/zz_generated.conversion.go
@ -882,6 +882,7 @@ func Convert_certmanager_IssuerStatus_To_v1alpha2_IssuerStatus(in *certmanager.I
 }

 func autoConvert_v1alpha2_SelfSignedIssuer_To_certmanager_SelfSignedIssuer(in *v1alpha2.SelfSignedIssuer, out *certmanager.SelfSignedIssuer, s conversion.Scope) error {
+	out.CRLDistributionPoints = *(*[]string)(unsafe.Pointer(&in.CRLDistributionPoints))
 	return nil
 }

@ -891,6 +892,7 @@ func Convert_v1alpha2_SelfSignedIssuer_To_certmanager_SelfSignedIssuer(in *v1alp
 }

 func autoConvert_certmanager_SelfSignedIssuer_To_v1alpha2_SelfSignedIssuer(in *certmanager.SelfSignedIssuer, out *v1alpha2.SelfSignedIssuer, s conversion.Scope) error {
+	out.CRLDistributionPoints = *(*[]string)(unsafe.Pointer(&in.CRLDistributionPoints))
 	return nil
 }

--- a/pkg/internal/apis/certmanager/v1alpha3/zz_generated.conversion.go
+++ b/pkg/internal/apis/certmanager/v1alpha3/zz_generated.conversion.go
@ -855,6 +855,7 @@ func Convert_certmanager_IssuerStatus_To_v1alpha3_IssuerStatus(in *certmanager.I
 }

 func autoConvert_v1alpha3_SelfSignedIssuer_To_certmanager_SelfSignedIssuer(in *v1alpha3.SelfSignedIssuer, out *certmanager.SelfSignedIssuer, s conversion.Scope) error {
+	out.CRLDistributionPoints = *(*[]string)(unsafe.Pointer(&in.CRLDistributionPoints))
 	return nil
 }

@ -864,6 +865,7 @@ func Convert_v1alpha3_SelfSignedIssuer_To_certmanager_SelfSignedIssuer(in *v1alp
 }

 func autoConvert_certmanager_SelfSignedIssuer_To_v1alpha3_SelfSignedIssuer(in *certmanager.SelfSignedIssuer, out *v1alpha3.SelfSignedIssuer, s conversion.Scope) error {
+	out.CRLDistributionPoints = *(*[]string)(unsafe.Pointer(&in.CRLDistributionPoints))
 	return nil
 }

--- a/pkg/internal/apis/certmanager/zz_generated.deepcopy.go
+++ b/pkg/internal/apis/certmanager/zz_generated.deepcopy.go
@ -487,7 +487,7 @@ func (in *IssuerConfig) DeepCopyInto(out *IssuerConfig) {
 	if in.SelfSigned != nil {
 		in, out := &in.SelfSigned, &out.SelfSigned
 		*out = new(SelfSignedIssuer)
-		**out = **in
+		(*in).DeepCopyInto(*out)
 	}
 	if in.Venafi != nil {
 		in, out := &in.Venafi, &out.Venafi
@ -588,6 +588,11 @@ func (in *IssuerStatus) DeepCopy() *IssuerStatus {
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *SelfSignedIssuer) DeepCopyInto(out *SelfSignedIssuer) {
 	*out = *in
+	if in.CRLDistributionPoints != nil {
+		in, out := &in.CRLDistributionPoints, &out.CRLDistributionPoints
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
 	return
 }