From 118cfb60293451ccd57db07686007ab1fd9a53bc Mon Sep 17 00:00:00 2001
From: irbekrm <irbekrm@gmail.com>
Date: Fri, 11 Jun 2021 12:13:55 +0100
Subject: [PATCH] Remove the defaulting for renewBefore from fuzzer

We now calculate this default at reneal time

Signed-off-by: irbekrm <irbekrm@gmail.com>
---
 deploy/crds/crd-certificates.yaml                  | 8 ++++----
 pkg/apis/certmanager/v1/types_certificate.go       | 2 +-
 pkg/apis/certmanager/v1alpha2/types_certificate.go | 2 +-
 pkg/apis/certmanager/v1alpha3/types_certificate.go | 2 +-
 pkg/apis/certmanager/v1beta1/types_certificate.go  | 2 +-
 pkg/internal/apis/certmanager/fuzzer/fuzzer.go     | 3 ---
 6 files changed, 8 insertions(+), 11 deletions(-)

diff --git a/deploy/crds/crd-certificates.yaml b/deploy/crds/crd-certificates.yaml
index 7de89e697..e4eff12b7 100644
--- a/deploy/crds/crd-certificates.yaml
+++ b/deploy/crds/crd-certificates.yaml
@@ -199,7 +199,7 @@ spec:
                       description: RotationPolicy controls how private keys should be regenerated when a re-issuance is being processed. If set to Never, a private key will only be generated if one does not already exist in the target `spec.secretName`. If one does exists but it does not have the correct algorithm or size, a warning will be raised to await user intervention. If set to Always, a private key matching the specified requirements will be generated whenever a re-issuance occurs. Default is 'Never' for backward compatibility.
                       type: string
                 renewBefore:
-                  description: How long before the currently issued certificate's expiry cert-manager  should renew the certificate. The default is 2/3 of the issued certificate's duration. Minimum accepted value is 5 minutes. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration
+                  description: How long before the currently issued certificate's expiry cert-manager should renew the certificate. The default is 2/3 of the issued certificate's duration. Minimum accepted value is 5 minutes. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration
                   type: string
                 revisionHistoryLimit:
                   description: revisionHistoryLimit is the maximum number of CertificateRequest revisions that are maintained in the Certificate's history. Each revision represents a single `CertificateRequest` created by this Certificate, either when it was created, renewed, or Spec was changed. Revisions will be removed by oldest first if the number of revisions exceeds this number. If set, revisionHistoryLimit must be a value of `1` or greater. If unset (`nil`), revisions will not be garbage collected. Default value is `nil`.
@@ -497,7 +497,7 @@ spec:
                       description: RotationPolicy controls how private keys should be regenerated when a re-issuance is being processed. If set to Never, a private key will only be generated if one does not already exist in the target `spec.secretName`. If one does exists but it does not have the correct algorithm or size, a warning will be raised to await user intervention. If set to Always, a private key matching the specified requirements will be generated whenever a re-issuance occurs. Default is 'Never' for backward compatibility.
                       type: string
                 renewBefore:
-                  description: How long before the currently issued certificate's expiry cert-manager  should renew the certificate. The default is 2/3 of the issued certificate's duration. Minimum accepted value is 5 minutes. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration
+                  description: How long before the currently issued certificate's expiry cert-manager should renew the certificate. The default is 2/3 of the issued certificate's duration. Minimum accepted value is 5 minutes. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration
                   type: string
                 revisionHistoryLimit:
                   description: revisionHistoryLimit is the maximum number of CertificateRequest revisions that are maintained in the Certificate's history. Each revision represents a single `CertificateRequest` created by this Certificate, either when it was created, renewed, or Spec was changed. Revisions will be removed by oldest first if the number of revisions exceeds this number. If set, revisionHistoryLimit must be a value of `1` or greater. If unset (`nil`), revisions will not be garbage collected. Default value is `nil`.
@@ -802,7 +802,7 @@ spec:
                       description: Size is the key bit size of the corresponding private key for this certificate. If `algorithm` is set to `RSA`, valid values are `2048`, `4096` or `8192`, and will default to `2048` if not specified. If `algorithm` is set to `ECDSA`, valid values are `256`, `384` or `521`, and will default to `256` if not specified. No other values are allowed.
                       type: integer
                 renewBefore:
-                  description: How long before the currently issued certificate's expiry cert-manager  should renew the certificate. The default is 2/3 of the issued certificate's duration. Minimum accepted value is 5 minutes. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration
+                  description: How long before the currently issued certificate's expiry cert-manager should renew the certificate. The default is 2/3 of the issued certificate's duration. Minimum accepted value is 5 minutes. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration
                   type: string
                 revisionHistoryLimit:
                   description: revisionHistoryLimit is the maximum number of CertificateRequest revisions that are maintained in the Certificate's history. Each revision represents a single `CertificateRequest` created by this Certificate, either when it was created, renewed, or Spec was changed. Revisions will be removed by oldest first if the number of revisions exceeds this number. If set, revisionHistoryLimit must be a value of `1` or greater. If unset (`nil`), revisions will not be garbage collected. Default value is `nil`.
@@ -1107,7 +1107,7 @@ spec:
                       description: Size is the key bit size of the corresponding private key for this certificate. If `algorithm` is set to `RSA`, valid values are `2048`, `4096` or `8192`, and will default to `2048` if not specified. If `algorithm` is set to `ECDSA`, valid values are `256`, `384` or `521`, and will default to `256` if not specified. No other values are allowed.
                       type: integer
                 renewBefore:
-                  description: How long before the currently issued certificate's expiry cert-manager  should renew the certificate. The default is 2/3 of the issued certificate's duration. Minimum accepted value is 5 minutes. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration
+                  description: How long before the currently issued certificate's expiry cert-manager should renew the certificate. The default is 2/3 of the issued certificate's duration. Minimum accepted value is 5 minutes. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration
                   type: string
                 revisionHistoryLimit:
                   description: revisionHistoryLimit is the maximum number of CertificateRequest revisions that are maintained in the Certificate's history. Each revision represents a single `CertificateRequest` created by this Certificate, either when it was created, renewed, or Spec was changed. Revisions will be removed by oldest first if the number of revisions exceeds this number. If set, revisionHistoryLimit must be a value of `1` or greater. If unset (`nil`), revisions will not be garbage collected. Default value is `nil`.
diff --git a/pkg/apis/certmanager/v1/types_certificate.go b/pkg/apis/certmanager/v1/types_certificate.go
index 46aa5afea..93fd70ba9 100644
--- a/pkg/apis/certmanager/v1/types_certificate.go
+++ b/pkg/apis/certmanager/v1/types_certificate.go
@@ -106,7 +106,7 @@ type CertificateSpec struct {
 	Duration *metav1.Duration `json:"duration,omitempty"`
 
 	// How long before the currently issued certificate's expiry
-	// cert-manager  should renew the certificate. The default is 2/3 of the
+	// cert-manager should renew the certificate. The default is 2/3 of the
 	// issued certificate's duration. Minimum accepted value is 5 minutes.
 	// Value must be in units accepted by Go time.ParseDuration
 	// https://golang.org/pkg/time/#ParseDuration
diff --git a/pkg/apis/certmanager/v1alpha2/types_certificate.go b/pkg/apis/certmanager/v1alpha2/types_certificate.go
index 7c32c8814..e3394219b 100644
--- a/pkg/apis/certmanager/v1alpha2/types_certificate.go
+++ b/pkg/apis/certmanager/v1alpha2/types_certificate.go
@@ -106,7 +106,7 @@ type CertificateSpec struct {
 	Duration *metav1.Duration `json:"duration,omitempty"`
 
 	// How long before the currently issued certificate's expiry
-	// cert-manager  should renew the certificate. The default is 2/3 of the
+	// cert-manager should renew the certificate. The default is 2/3 of the
 	// issued certificate's duration. Minimum accepted value is 5 minutes.
 	// Value must be in units accepted by Go time.ParseDuration
 	// https://golang.org/pkg/time/#ParseDuration
diff --git a/pkg/apis/certmanager/v1alpha3/types_certificate.go b/pkg/apis/certmanager/v1alpha3/types_certificate.go
index fb51840bc..814bf12e4 100644
--- a/pkg/apis/certmanager/v1alpha3/types_certificate.go
+++ b/pkg/apis/certmanager/v1alpha3/types_certificate.go
@@ -104,7 +104,7 @@ type CertificateSpec struct {
 	Duration *metav1.Duration `json:"duration,omitempty"`
 
 	// How long before the currently issued certificate's expiry
-	// cert-manager  should renew the certificate. The default is 2/3 of the
+	// cert-manager should renew the certificate. The default is 2/3 of the
 	// issued certificate's duration. Minimum accepted value is 5 minutes.
 	// Value must be in units accepted by Go time.ParseDuration
 	// https://golang.org/pkg/time/#ParseDuration
diff --git a/pkg/apis/certmanager/v1beta1/types_certificate.go b/pkg/apis/certmanager/v1beta1/types_certificate.go
index 04a356450..1a9f8a089 100644
--- a/pkg/apis/certmanager/v1beta1/types_certificate.go
+++ b/pkg/apis/certmanager/v1beta1/types_certificate.go
@@ -105,7 +105,7 @@ type CertificateSpec struct {
 	Duration *metav1.Duration `json:"duration,omitempty"`
 
 	// How long before the currently issued certificate's expiry
-	// cert-manager  should renew the certificate. The default is 2/3 of the
+	// cert-manager should renew the certificate. The default is 2/3 of the
 	// issued certificate's duration. Minimum accepted value is 5 minutes.
 	// Value must be in units accepted by Go time.ParseDuration
 	// https://golang.org/pkg/time/#ParseDuration
diff --git a/pkg/internal/apis/certmanager/fuzzer/fuzzer.go b/pkg/internal/apis/certmanager/fuzzer/fuzzer.go
index 140cb9691..b440f5cc2 100644
--- a/pkg/internal/apis/certmanager/fuzzer/fuzzer.go
+++ b/pkg/internal/apis/certmanager/fuzzer/fuzzer.go
@@ -41,9 +41,6 @@ var Funcs = func(codecs runtimeserializer.CodecFactory) []interface{} {
 			if s.Spec.Duration == nil {
 				s.Spec.Duration = &metav1.Duration{Duration: v1.DefaultCertificateDuration}
 			}
-			if s.Spec.RenewBefore == nil {
-				s.Spec.RenewBefore = &metav1.Duration{Duration: v1.DefaultRenewBefore}
-			}
 		},
 		func(s *certmanager.CertificateRequest, c fuzz.Continue) {
 			c.FuzzNoCustom(s) // fuzz self without calling this function again