For now, the vault issuer will also not store it's CA certificate

Signed-off-by: Max Ehrlich <max.ehr@gmail.com>

pkg/issuer/vault/issue.go

@@ -48,17 +48,17 @@ const (
 	defaultCertificateDuration = time.Hour * 24 * 90
 )
 
-func (v *Vault) Issue(ctx context.Context, crt *v1alpha1.Certificate) ([]byte, []byte, error) {
+func (v *Vault) Issue(ctx context.Context, crt *v1alpha1.Certificate) ([]byte, []byte, []byte, error) {
 	key, certPem, err := v.obtainCertificate(ctx, crt)
 	if err != nil {
 		s := messageErrorIssueCert + err.Error()
 		crt.UpdateStatusCondition(v1alpha1.CertificateConditionReady, v1alpha1.ConditionFalse, errorIssueCert, s, false)
-		return nil, nil, err
+		return nil, nil, nil, err
 	}
 
 	crt.UpdateStatusCondition(v1alpha1.CertificateConditionReady, v1alpha1.ConditionTrue, successCertIssued, messageCertIssued, true)
 
-	return key, certPem, nil
+	return key, certPem, nil, nil
 }
 
 func (v *Vault) obtainCertificate(ctx context.Context, crt *v1alpha1.Certificate) ([]byte, []byte, error) {

pkg/issuer/vault/renew.go

@@ -30,15 +30,15 @@ const (
 	messageCertRenewed = "Certificate renewed successfully"
 )
 
-func (c *Vault) Renew(ctx context.Context, crt *v1alpha1.Certificate) ([]byte, []byte, error) {
+func (c *Vault) Renew(ctx context.Context, crt *v1alpha1.Certificate) ([]byte, []byte, []byte, error) {
 	key, cert, err := c.obtainCertificate(ctx, crt)
 	if err != nil {
 		s := messageErrorRenewCert + err.Error()
 		crt.UpdateStatusCondition(v1alpha1.CertificateConditionReady, v1alpha1.ConditionFalse, errorRenewCert, s, false)
-		return nil, nil, err
+		return nil, nil, nil, err
 	}
 
 	crt.UpdateStatusCondition(v1alpha1.CertificateConditionReady, v1alpha1.ConditionTrue, successCertRenewed, messageCertRenewed, true)
 
-	return key, cert, err
+	return key, cert, nil, err
 }