From 04bfddefc3d8cd650d659a5937973f5e55acbf4c Mon Sep 17 00:00:00 2001
From: srBraun
Date: Mon, 2 Mar 2020 11:50:09 +0100
Subject: [PATCH] adds support for CDP to selfsigned issuer

Signed-off-by: srBraun
---
 deploy/charts/cert-manager/crds/clusterissuers.yaml | 5 +++++
 deploy/charts/cert-manager/crds/issuers.yaml | 5 +++++
 deploy/manifests/00-crds.yaml | 10 ++++++++++
 pkg/apis/certmanager/v1alpha2/types_issuer.go | 4 +++-
 pkg/apis/certmanager/v1alpha2/zz_generated.deepcopy.go | 7 ++++++-
 pkg/apis/certmanager/v1alpha3/types_issuer.go | 4 +++-
 pkg/apis/certmanager/v1alpha3/zz_generated.deepcopy.go | 7 ++++++-
 .../certificaterequests/selfsigned/selfsigned.go | 2 ++
 pkg/internal/apis/certmanager/types_issuer.go | 4 +++-
 .../certmanager/v1alpha2/zz_generated.conversion.go | 2 ++
 .../certmanager/v1alpha3/zz_generated.conversion.go | 2 ++
 pkg/internal/apis/certmanager/zz_generated.deepcopy.go | 7 ++++++-
 12 files changed, 53 insertions(+), 6 deletions(-)

diff --git a/deploy/charts/cert-manager/crds/clusterissuers.yaml b/deploy/charts/cert-manager/crds/clusterissuers.yaml
index 48a4041ee..de897a606 100644
--- a/deploy/charts/cert-manager/crds/clusterissuers.yaml
+++ b/deploy/charts/cert-manager/crds/clusterissuers.yaml
@@ -1531,6 +1531,11 @@ spec:
 type: string
 selfSigned:
 type: object
+ properties:
+ crlDistributionPoints:
+ type: array
+ items:
+ type: string
 vault:
 type: object
 required:
diff --git a/deploy/charts/cert-manager/crds/issuers.yaml b/deploy/charts/cert-manager/crds/issuers.yaml
index 7f9207dc5..50d62d2ba 100644
--- a/deploy/charts/cert-manager/crds/issuers.yaml
+++ b/deploy/charts/cert-manager/crds/issuers.yaml
@@ -1531,6 +1531,11 @@ spec:
 type: string
 selfSigned:
 type: object
+ properties:
+ crlDistributionPoints:
+ type: array
+ items:
+ type: string
 vault:
 type: object
 required:
diff --git a/deploy/manifests/00-crds.yaml b/deploy/manifests/00-crds.yaml
index 5bd14dafe..3dba08045 100644
--- a/deploy/manifests/00-crds.yaml
+++ b/deploy/manifests/00-crds.yaml @@ -3681,6 +3681,11 @@ spec: type: string selfSigned: type: object + properties: + crlDistributionPoints: + type: array + items: + type: string vault: type: object required: @@ -5435,6 +5440,11 @@ spec: type: string selfSigned: type: object + properties: + crlDistributionPoints: + type: array + items: + type: string vault: type: object required: diff --git a/pkg/apis/certmanager/v1alpha2/types_issuer.go b/pkg/apis/certmanager/v1alpha2/types_issuer.go index 9d79359c0..8fd58c7e6 100644 --- a/pkg/apis/certmanager/v1alpha2/types_issuer.go +++ b/pkg/apis/certmanager/v1alpha2/types_issuer.go @@ -147,7 +147,9 @@ type VenafiCloud struct { APITokenSecretRef cmmeta.SecretKeySelector `json:"apiTokenSecretRef"` } -type SelfSignedIssuer struct{} +type SelfSignedIssuer struct { + CRLDistributionPoints []string `json:"crlDistributionPoints,omitempty"` +} type VaultIssuer struct { // Vault authentication diff --git a/pkg/apis/certmanager/v1alpha2/zz_generated.deepcopy.go b/pkg/apis/certmanager/v1alpha2/zz_generated.deepcopy.go index 1ab249c59..80ad41dcb 100644 --- a/pkg/apis/certmanager/v1alpha2/zz_generated.deepcopy.go +++ b/pkg/apis/certmanager/v1alpha2/zz_generated.deepcopy.go @@ -492,7 +492,7 @@ func (in *IssuerConfig) DeepCopyInto(out *IssuerConfig) { if in.SelfSigned != nil { in, out := &in.SelfSigned, &out.SelfSigned *out = new(SelfSignedIssuer) - **out = **in + (*in).DeepCopyInto(*out) } if in.Venafi != nil { in, out := &in.Venafi, &out.Venafi @@ -593,6 +593,11 @@ func (in *IssuerStatus) DeepCopy() *IssuerStatus { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SelfSignedIssuer) DeepCopyInto(out *SelfSignedIssuer) { *out = *in + if in.CRLDistributionPoints != nil { + in, out := &in.CRLDistributionPoints, &out.CRLDistributionPoints + *out = make([]string, len(*in)) + copy(*out, *in) + } return } 
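Review bot: The new exported field `CRLDistributionPoints` on `SelfSignedIssuer` in pkg/apis/certmanager/v1alpha2/types_issuer.go has no doc comment, so the API reference (and presumably any CRD description derived from it) says nothing about what the values are or where they end up. I would add `// CRLDistributionPoints is an optional list of URLs that are set verbatim in the CRL Distribution Points extension of certificates signed by this issuer.` and mark the field `// +optional` to match its `omitempty` tag. The same applies to the identical hunks in v1alpha3/types_issuer.go and pkg/internal/apis/certmanager/types_issuer.go.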
diff --git a/pkg/apis/certmanager/v1alpha3/types_issuer.go b/pkg/apis/certmanager/v1alpha3/types_issuer.go index 3d400dcaa..2bb8cf3a2 100644 --- a/pkg/apis/certmanager/v1alpha3/types_issuer.go +++ b/pkg/apis/certmanager/v1alpha3/types_issuer.go @@ -147,7 +147,9 @@ type VenafiCloud struct { APITokenSecretRef cmmeta.SecretKeySelector `json:"apiTokenSecretRef"` } -type SelfSignedIssuer struct{} +type SelfSignedIssuer struct { + CRLDistributionPoints []string `json:"crlDistributionPoints,omitempty"` +} type VaultIssuer struct { // Vault authentication diff --git a/pkg/apis/certmanager/v1alpha3/zz_generated.deepcopy.go b/pkg/apis/certmanager/v1alpha3/zz_generated.deepcopy.go index fb5b6ae23..89667a7fd 100644 --- a/pkg/apis/certmanager/v1alpha3/zz_generated.deepcopy.go +++ b/pkg/apis/certmanager/v1alpha3/zz_generated.deepcopy.go @@ -487,7 +487,7 @@ func (in *IssuerConfig) DeepCopyInto(out *IssuerConfig) { if in.SelfSigned != nil { in, out := &in.SelfSigned, &out.SelfSigned *out = new(SelfSignedIssuer) - **out = **in + (*in).DeepCopyInto(*out) } if in.Venafi != nil { in, out := &in.Venafi, &out.Venafi @@ -588,6 +588,11 @@ func (in *IssuerStatus) DeepCopy() *IssuerStatus { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SelfSignedIssuer) DeepCopyInto(out *SelfSignedIssuer) { *out = *in + if in.CRLDistributionPoints != nil { + in, out := &in.CRLDistributionPoints, &out.CRLDistributionPoints + *out = make([]string, len(*in)) + copy(*out, *in) + } return } diff --git a/pkg/controller/certificaterequests/selfsigned/selfsigned.go b/pkg/controller/certificaterequests/selfsigned/selfsigned.go index 2590cfd2a..7adc925be 100644 --- a/pkg/controller/certificaterequests/selfsigned/selfsigned.go +++ b/pkg/controller/certificaterequests/selfsigned/selfsigned.go 
@@ -125,6 +125,8 @@ func (s *SelfSigned) Sign(ctx context.Context, cr *cmapi.CertificateRequest, iss return nil, nil } + template.CRLDistributionPoints = issuerObj.GetSpec().SelfSigned.CRLDistributionPoints + // extract the public component of the key publickey, err := pki.PublicKeyForPrivateKey(privatekey) if err != nil { diff --git a/pkg/internal/apis/certmanager/types_issuer.go b/pkg/internal/apis/certmanager/types_issuer.go index 3d69fcfb2..2c93662cd 100644 --- a/pkg/internal/apis/certmanager/types_issuer.go +++ b/pkg/internal/apis/certmanager/types_issuer.go @@ -126,7 +126,9 @@ type VenafiCloud struct { APITokenSecretRef cmmeta.SecretKeySelector } -type SelfSignedIssuer struct{} +type SelfSignedIssuer struct { + CRLDistributionPoints []string `json:"crlDistributionPoints,omitempty"` +} type VaultIssuer struct { // Vault authentication diff --git a/pkg/internal/apis/certmanager/v1alpha2/zz_generated.conversion.go b/pkg/internal/apis/certmanager/v1alpha2/zz_generated.conversion.go index 51e8bdbd8..61220ee80 100644 --- a/pkg/internal/apis/certmanager/v1alpha2/zz_generated.conversion.go +++ b/pkg/internal/apis/certmanager/v1alpha2/zz_generated.conversion.go @@ -882,6 +882,7 @@ func Convert_certmanager_IssuerStatus_To_v1alpha2_IssuerStatus(in *certmanager.I } func autoConvert_v1alpha2_SelfSignedIssuer_To_certmanager_SelfSignedIssuer(in *v1alpha2.SelfSignedIssuer, out *certmanager.SelfSignedIssuer, s conversion.Scope) error { + out.CRLDistributionPoints = *(*[]string)(unsafe.Pointer(&in.CRLDistributionPoints)) return nil } @@ -891,6 +892,7 @@ func Convert_v1alpha2_SelfSignedIssuer_To_certmanager_SelfSignedIssuer(in *v1alp } func autoConvert_certmanager_SelfSignedIssuer_To_v1alpha2_SelfSignedIssuer(in *certmanager.SelfSignedIssuer, out *v1alpha2.SelfSignedIssuer, s conversion.Scope) error { + out.CRLDistributionPoints = *(*[]string)(unsafe.Pointer(&in.CRLDistributionPoints)) return nil } 
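Review bot: The added assignment in Sign (pkg/controller/certificaterequests/selfsigned/selfsigned.go) copies `SelfSigned.CRLDistributionPoints` into the template unchecked, and the CRD schemas in this patch constrain the items only to `type: string`. Whatever is stored on the Issuer is therefore embedded as the revocation location in every certificate it signs, so an empty or malformed entry produces a certificate whose CRL pointer is unusable, and anyone who can edit the Issuer decides where relying parties look for revocation data. Each entry should be parsed as an absolute URL and the request failed otherwise; the line also dereferences `SelfSigned`, a pointer that the deepcopy hunks nil-check, so a guard is worth adding unless the caller already guarantees it. Sign begins and ends outside the hunk, so the error path in the sketch below is an assumption to adapt to the function's existing failure handling.

```go
// … unchanged: template generation and the early return above …
if selfSigned := issuerObj.GetSpec().SelfSigned; selfSigned != nil {
	for _, cdp := range selfSigned.CRLDistributionPoints {
		u, err := url.Parse(cdp)
		if err != nil || !u.IsAbs() {
			// NOTE(review): route this through Sign's existing failure handling.
			return nil, fmt.Errorf("invalid crlDistributionPoints entry %q", cdp)
		}
	}
	template.CRLDistributionPoints = selfSigned.CRLDistributionPoints
}
// … unchanged: public key extraction …
```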
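Review bot: In pkg/internal/apis/certmanager/types_issuer.go the internal `SelfSignedIssuer` gains a `json:"crlDistributionPoints,omitempty"` tag, while the neighbouring internal field visible in this hunk, `APITokenSecretRef cmmeta.SecretKeySelector`, carries none (its v1alpha2 and v1alpha3 counterparts do). If the internal types are meant to stay free of serialization tags, as that context line suggests, the field should be declared as `CRLDistributionPoints []string` and given a doc comment.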
diff --git a/pkg/internal/apis/certmanager/v1alpha3/zz_generated.conversion.go b/pkg/internal/apis/certmanager/v1alpha3/zz_generated.conversion.go index eb83852ef..303ea5fc3 100644 --- a/pkg/internal/apis/certmanager/v1alpha3/zz_generated.conversion.go +++ b/pkg/internal/apis/certmanager/v1alpha3/zz_generated.conversion.go @@ -855,6 +855,7 @@ func Convert_certmanager_IssuerStatus_To_v1alpha3_IssuerStatus(in *certmanager.I } func autoConvert_v1alpha3_SelfSignedIssuer_To_certmanager_SelfSignedIssuer(in *v1alpha3.SelfSignedIssuer, out *certmanager.SelfSignedIssuer, s conversion.Scope) error { + out.CRLDistributionPoints = *(*[]string)(unsafe.Pointer(&in.CRLDistributionPoints)) return nil } @@ -864,6 +865,7 @@ func Convert_v1alpha3_SelfSignedIssuer_To_certmanager_SelfSignedIssuer(in *v1alp } func autoConvert_certmanager_SelfSignedIssuer_To_v1alpha3_SelfSignedIssuer(in *certmanager.SelfSignedIssuer, out *v1alpha3.SelfSignedIssuer, s conversion.Scope) error { + out.CRLDistributionPoints = *(*[]string)(unsafe.Pointer(&in.CRLDistributionPoints)) return nil } diff --git a/pkg/internal/apis/certmanager/zz_generated.deepcopy.go b/pkg/internal/apis/certmanager/zz_generated.deepcopy.go index c61b8c754..d7e264c2e 100644 --- a/pkg/internal/apis/certmanager/zz_generated.deepcopy.go +++ b/pkg/internal/apis/certmanager/zz_generated.deepcopy.go @@ -487,7 +487,7 @@ func (in *IssuerConfig) DeepCopyInto(out *IssuerConfig) { if in.SelfSigned != nil { in, out := &in.SelfSigned, &out.SelfSigned *out = new(SelfSignedIssuer) - **out = **in + (*in).DeepCopyInto(*out) } if in.Venafi != nil { in, out := &in.Venafi, &out.Venafi 
@@ -588,6 +588,11 @@ func (in *IssuerStatus) DeepCopy() *IssuerStatus { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SelfSignedIssuer) DeepCopyInto(out *SelfSignedIssuer) { *out = *in + if in.CRLDistributionPoints != nil { + in, out := &in.CRLDistributionPoints, &out.CRLDistributionPoints + *out = make([]string, len(*in)) + copy(*out, *in) + } return }