From 294d8ae93ddae499e4fccc1337843f623ca3eb95 Mon Sep 17 00:00:00 2001 From: JoshVanL Date: Mon, 22 Jul 2019 14:17:40 +0100 Subject: [PATCH] Move IssuerKind to ./pkg/util Signed-off-by: JoshVanL --- .../certificaterequests/BUILD.bazel | 1 + .../certificaterequests/ca/BUILD.bazel | 1 + pkg/controller/certificaterequests/ca/ca.go | 5 ++-- pkg/controller/certificaterequests/sync.go | 13 ++------- .../certificates/certificate_request.go | 3 +- pkg/controller/certificates/sync.go | 12 ++------ pkg/util/BUILD.bazel | 2 ++ pkg/util/issuer.go | 29 +++++++++++++++++++ 8 files changed, 43 insertions(+), 23 deletions(-) create mode 100644 pkg/util/issuer.go diff --git a/pkg/controller/certificaterequests/BUILD.bazel b/pkg/controller/certificaterequests/BUILD.bazel index 10db1451a..0a7317430 100644 --- a/pkg/controller/certificaterequests/BUILD.bazel +++ b/pkg/controller/certificaterequests/BUILD.bazel @@ -20,6 +20,7 @@ go_library( "//pkg/issuer:go_default_library", "//pkg/logs:go_default_library", "//pkg/metrics:go_default_library", + "//pkg/util:go_default_library", "//pkg/util/pki:go_default_library", "//vendor/github.com/go-logr/logr:go_default_library", "//vendor/github.com/kr/pretty:go_default_library", diff --git a/pkg/controller/certificaterequests/ca/BUILD.bazel b/pkg/controller/certificaterequests/ca/BUILD.bazel index 2f111174b..8b7c9510b 100644 --- a/pkg/controller/certificaterequests/ca/BUILD.bazel +++ b/pkg/controller/certificaterequests/ca/BUILD.bazel @@ -12,6 +12,7 @@ go_library( "//pkg/controller/certificaterequests:go_default_library", "//pkg/issuer:go_default_library", "//pkg/logs:go_default_library", + "//pkg/util:go_default_library", "//pkg/util/kube:go_default_library", "//pkg/util/pki:go_default_library", "//vendor/k8s.io/api/core/v1:go_default_library", diff --git a/pkg/controller/certificaterequests/ca/ca.go b/pkg/controller/certificaterequests/ca/ca.go index 001a2929a..514d47704 100644 --- a/pkg/controller/certificaterequests/ca/ca.go +++ b/pkg/controller/certificaterequests/ca/ca.go @@ -31,6 +31,7 @@ import ( "github.com/jetstack/cert-manager/pkg/controller/certificaterequests" "github.com/jetstack/cert-manager/pkg/issuer" logf "github.com/jetstack/cert-manager/pkg/logs" + "github.com/jetstack/cert-manager/pkg/util" "github.com/jetstack/cert-manager/pkg/util/kube" "github.com/jetstack/cert-manager/pkg/util/pki" ) @@ -83,7 +84,7 @@ func (c *CA) Sign(ctx context.Context, cr *v1alpha1.CertificateRequest) (*issuer if k8sErrors.IsNotFound(err) { apiutil.SetCertificateRequestCondition(cr, v1alpha1.CertificateRequestConditionReady, v1alpha1.ConditionFalse, v1alpha1.CertificateRequestReasonPending, - fmt.Sprintf("Referenced %s not found", certificaterequests.IssuerKind(cr))) + fmt.Sprintf("Referenced %s not found", util.IssuerKind(cr.Spec.IssuerRef))) c.recorder.Event(cr, corev1.EventTypeWarning, v1alpha1.CertificateRequestReasonPending, err.Error()) @@ -114,7 +115,7 @@ func (c *CA) Sign(ctx context.Context, cr *v1alpha1.CertificateRequest) (*issuer if err != nil { apiutil.SetCertificateRequestCondition(cr, v1alpha1.CertificateRequestConditionReady, v1alpha1.ConditionFalse, v1alpha1.CertificateRequestReasonPending, - fmt.Sprintf("Referenced %s not found", certificaterequests.IssuerKind(cr))) + fmt.Sprintf("Referenced %s not found", util.IssuerKind(cr.Spec.IssuerRef))) log.Error(err, "error generating certificate template") c.recorder.Eventf(cr, corev1.EventTypeWarning, "ErrorSigning", "Error generating certificate template: %v", err) diff --git a/pkg/controller/certificaterequests/sync.go b/pkg/controller/certificaterequests/sync.go index c84dc7b45..695b9254e 100644 --- a/pkg/controller/certificaterequests/sync.go +++ b/pkg/controller/certificaterequests/sync.go @@ -32,6 +32,7 @@ import ( "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha1" "github.com/jetstack/cert-manager/pkg/apis/certmanager/validation" logf "github.com/jetstack/cert-manager/pkg/logs" + "github.com/jetstack/cert-manager/pkg/util" "github.com/jetstack/cert-manager/pkg/util/pki" ) @@ -68,7 +69,7 @@ func (c *Controller) Sync(ctx context.Context, cr *v1alpha1.CertificateRequest) if k8sErrors.IsNotFound(err) { apiutil.SetCertificateRequestCondition(crCopy, v1alpha1.CertificateRequestConditionReady, v1alpha1.ConditionFalse, v1alpha1.CertificateRequestReasonPending, - fmt.Sprintf("Referenced %s not found", IssuerKind(crCopy))) + fmt.Sprintf("Referenced %s not found", util.IssuerKind(crCopy.Spec.IssuerRef))) c.recorder.Eventf(crCopy, corev1.EventTypeWarning, v1alpha1.CertificateRequestReasonPending, err.Error()) @@ -92,7 +93,7 @@ func (c *Controller) Sync(ctx context.Context, cr *v1alpha1.CertificateRequest) if err != nil { apiutil.SetCertificateRequestCondition(crCopy, v1alpha1.CertificateRequestConditionReady, v1alpha1.ConditionFalse, v1alpha1.CertificateRequestReasonPending, - fmt.Sprintf("Referenced %s not found", IssuerKind(crCopy))) + fmt.Sprintf("Referenced %s not found", util.IssuerKind(crCopy.Spec.IssuerRef))) c.recorder.Eventf(crCopy, corev1.EventTypeWarning, v1alpha1.CertificateRequestReasonPending, err.Error()) log.Error(err, "failed to obtain referenced issuer type") @@ -192,11 +193,3 @@ func (c *Controller) updateCertificateRequestStatus(ctx context.Context, old, ne // for CRDs (https://github.com/kubernetes/kubernetes/issues/38113) return c.cmClient.CertmanagerV1alpha1().CertificateRequests(new.Namespace).Update(new) } - -// issuerKind returns the kind of issuer for a certificaterequest -func IssuerKind(cr *v1alpha1.CertificateRequest) string { - if cr.Spec.IssuerRef.Kind == "" { - return v1alpha1.IssuerKind - } - return cr.Spec.IssuerRef.Kind -} diff --git a/pkg/controller/certificates/certificate_request.go b/pkg/controller/certificates/certificate_request.go index e6d22fbeb..40bcf189d 100644 --- a/pkg/controller/certificates/certificate_request.go +++ b/pkg/controller/certificates/certificate_request.go @@ -51,6 +51,7 @@ import ( logf "github.com/jetstack/cert-manager/pkg/logs" "github.com/jetstack/cert-manager/pkg/metrics" "github.com/jetstack/cert-manager/pkg/scheduler" + "github.com/jetstack/cert-manager/pkg/util" "github.com/jetstack/cert-manager/pkg/util/errors" "github.com/jetstack/cert-manager/pkg/util/kube" "github.com/jetstack/cert-manager/pkg/util/pki" @@ -894,7 +895,7 @@ func setSecretValues(ctx context.Context, crt *cmapi.Certificate, s *corev1.Secr s.Annotations[cmapi.CertificateNameKey] = crt.Name s.Annotations[cmapi.IssuerNameAnnotationKey] = crt.Spec.IssuerRef.Name - s.Annotations[cmapi.IssuerKindAnnotationKey] = issuerKind(crt.Spec.IssuerRef) + s.Annotations[cmapi.IssuerKindAnnotationKey] = util.IssuerKind(crt.Spec.IssuerRef) // if the certificate data is empty, clear the subject related annotations if len(data.cert) == 0 { diff --git a/pkg/controller/certificates/sync.go b/pkg/controller/certificates/sync.go index daef14f79..70af18449 100644 --- a/pkg/controller/certificates/sync.go +++ b/pkg/controller/certificates/sync.go @@ -294,7 +294,7 @@ func certificateMatchesSpec(crt *v1alpha1.Certificate, key crypto.Signer, cert * } // validate that the issuer kind is correct - if issuerKind(crt.Spec.IssuerRef) != secret.Annotations[v1alpha1.IssuerKindAnnotationKey] { + if util.IssuerKind(crt.Spec.IssuerRef) != secret.Annotations[v1alpha1.IssuerKindAnnotationKey] { errs = append(errs, fmt.Sprintf("Issuer kind of the certificate is not up to date: %q", secret.Annotations[v1alpha1.IssuerKindAnnotationKey])) } @@ -329,14 +329,6 @@ func scheduleRenewal(ctx context.Context, lister corelisters.SecretLister, calc log.WithValues("duration_until_renewal", renewIn.String()).Info("certificate scheduled for renewal") } -// issuerKind returns the kind of issuer for a certificate -func issuerKind(ref v1alpha1.ObjectReference) string { - if ref.Kind == "" { - return v1alpha1.IssuerKind - } - return ref.Kind -} - func ownerRef(crt *v1alpha1.Certificate) metav1.OwnerReference { controller := true return metav1.OwnerReference{ @@ -450,7 +442,7 @@ func (c *controller) updateSecret(ctx context.Context, crt *v1alpha1.Certificate // not just when a new certificate is issued if x509Cert != nil { secret.Annotations[v1alpha1.IssuerNameAnnotationKey] = crt.Spec.IssuerRef.Name - secret.Annotations[v1alpha1.IssuerKindAnnotationKey] = issuerKind(crt.Spec.IssuerRef) + secret.Annotations[v1alpha1.IssuerKindAnnotationKey] = util.IssuerKind(crt.Spec.IssuerRef) secret.Annotations[v1alpha1.CommonNameAnnotationKey] = x509Cert.Subject.CommonName secret.Annotations[v1alpha1.AltNamesAnnotationKey] = strings.Join(x509Cert.DNSNames, ",") secret.Annotations[v1alpha1.IPSANAnnotationKey] = strings.Join(pki.IPAddressesToString(x509Cert.IPAddresses), ",") diff --git a/pkg/util/BUILD.bazel b/pkg/util/BUILD.bazel index 732110067..8351980c7 100644 --- a/pkg/util/BUILD.bazel +++ b/pkg/util/BUILD.bazel @@ -5,6 +5,7 @@ go_library( srcs = [ "context.go", "ingress.go", + "issuer.go", "useragent.go", "util.go", "version.go", @@ -16,6 +17,7 @@ go_library( "AppGitCommit": "{STABLE_APP_GIT_COMMIT}", "AppGitState": "{STABLE_APP_GIT_STATE}", }, + deps = ["//pkg/apis/certmanager/v1alpha1:go_default_library"], ) go_test( diff --git a/pkg/util/issuer.go b/pkg/util/issuer.go new file mode 100644 index 000000000..c90b0b28d --- /dev/null +++ b/pkg/util/issuer.go @@ -0,0 +1,29 @@ +/* +Copyright 2019 The Jetstack cert-manager contributors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package util + +import ( + "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha1" +) + +// issuerKind returns the kind of issuer for a certificate +func IssuerKind(ref v1alpha1.ObjectReference) string { + if ref.Kind == "" { + return v1alpha1.IssuerKind + } + return ref.Kind +}