From 87f91a6e8e17494c1bacf3b40d37e3c2ed39bada Mon Sep 17 00:00:00 2001
From: James Munnelly <james@munnelly.eu>
Date: Wed, 28 Nov 2018 19:18:09 +0000
Subject: [PATCH] Add explicit check for certificate.spec.acme when issuing
 acme certificates

Signed-off-by: James Munnelly <james@munnelly.eu>
---
 pkg/controller/certificates/sync.go | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/pkg/controller/certificates/sync.go b/pkg/controller/certificates/sync.go
index c02f6932f..661ec3dae 100644
--- a/pkg/controller/certificates/sync.go
+++ b/pkg/controller/certificates/sync.go
@@ -115,6 +115,13 @@ func (c *Controller) Sync(ctx context.Context, crt *v1alpha1.Certificate) (reque
 		return false, nil
 	}
 
+	// If this is an ACME certificate, ensure the certificate.spec.acme field is
+	// non-nil
+	if issuerObj.GetSpec().ACME != nil && crtCopy.Spec.ACME == nil {
+		c.Recorder.Eventf(crtCopy, corev1.EventTypeWarning, "BadConfig", "spec.acme field must be set")
+		return false, nil
+	}
+
 	issuerReady := issuerObj.HasCondition(v1alpha1.IssuerCondition{
 		Type:   v1alpha1.IssuerConditionReady,
 		Status: v1alpha1.ConditionTrue,