spelling: certificate

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

deploy/charts/cert-manager/crds/clusterissuers.yaml

@@ -1673,7 +1673,7 @@ spec:
                   - url
                   properties:
                     caBundle:
-                      description: CABundle is a PEM encoded TLS certifiate to use
+                      description: CABundle is a PEM encoded TLS certificate to use
                         to verify connections to the TPP instance. If specified, system
                         roots will not be used and the issuing CA for the TPP instance
                         must be verifiable using the provided root. If not specified,

deploy/charts/cert-manager/crds/issuers.yaml

@@ -1673,7 +1673,7 @@ spec:
                   - url
                   properties:
                     caBundle:
-                      description: CABundle is a PEM encoded TLS certifiate to use
+                      description: CABundle is a PEM encoded TLS certificate to use
                         to verify connections to the TPP instance. If specified, system
                         roots will not be used and the issuing CA for the TPP instance
                         must be verifiable using the provided root. If not specified,

deploy/manifests/00-crds.yaml

@@ -3823,7 +3823,7 @@ spec:
                   - url
                   properties:
                     caBundle:
-                      description: CABundle is a PEM encoded TLS certifiate to use
+                      description: CABundle is a PEM encoded TLS certificate to use
                         to verify connections to the TPP instance. If specified, system
                         roots will not be used and the issuing CA for the TPP instance
                         must be verifiable using the provided root. If not specified,
@@ -5577,7 +5577,7 @@ spec:
                   - url
                   properties:
                     caBundle:
-                      description: CABundle is a PEM encoded TLS certifiate to use
+                      description: CABundle is a PEM encoded TLS certificate to use
                         to verify connections to the TPP instance. If specified, system
                         roots will not be used and the issuing CA for the TPP instance
                         must be verifiable using the provided root. If not specified,

design/20190708.certificate-request-crd.md

@@ -217,7 +217,7 @@ the `CertificateRequest` fails for any reason then this field is set to the
 current time. This field can then be used by a higher order controller, such as
 the `Certificate` controller, to take further action and facilitate a backoff.
 
-The `Certificte` controller will retry all failed `CetificateRequest` resources
+The `Certificate` controller will retry all failed `CertificateRequest` resources
 by creating a new request with an identical Spec, only when the `FailureTime`
 field is a least 1 hour in the past. The old failed `CertificateRequest` will be
 deleted and the new `CertificateRequest` resource will be created with the same
@@ -238,7 +238,7 @@ In order for `CertificateRequest` controllers to resolve requests, extra
 information may be needed that is not present in the API Spec. To pass on this
 information, a set of one or more annotations should be defined, with reliable
 value pairs. These annotations should be considered optional. Any
-`CertificiateRequest` controller that relies on these to function should
+`CertificateRequest` controller that relies on these to function should
 fallback gracefully or be marked as failed in the event a required annotation is
 missing. The currently defined annotations are:
 

design/release-notes/release-0.11/draft-release-notes.md

@@ -199,7 +199,7 @@ the temporary.
 
 In this release, no temporary certificates will be created unless explicitly
 requested. This can be done using the annotation
-`"cert-manager.io/issue-temporary-certificate": "true` on `Certifcate`
+`"cert-manager.io/issue-temporary-certificate": "true` on `Certificate`
 resources.
 
 We've additionally changed the behaviour of ingress-shim to now add this new

design/release-notes/release-0.7/draft-release-notes.md

@@ -67,7 +67,7 @@ kubectl describe.
 - Bump Kubernetes apimachinery dependencies to v1.10.12 (#1344, @munnerz)
 - Increase acmesolver default cpu resource limit to 100m (#1335, @munnerz)
 - Fix potential race when updating secret resource (#1318, @munnerz)
-- Fix bug causing certficates to be re-issued endlessly in certain edge cases (#1280, @munnerz)
+- Fix bug causing certificates to be re-issued endlessly in certain edge cases (#1280, @munnerz)
 - Fix bug when specify certificate keyAlgorithm without an explicit keySize (#1309, @munnerz)
 - Bump Go version to 1.11.5 (#1304, @munnerz)
 - Fix typo in SelfSigned Issuer in webhook deployment manifests (#1294, @munnerz)

pkg/apis/certmanager/v1alpha2/types_issuer.go

@@ -127,7 +127,7 @@ type VenafiTPP struct {
 	// The secret must contain two keys, 'username' and 'password'.
 	CredentialsRef cmmeta.LocalObjectReference `json:"credentialsRef"`
 
-	// CABundle is a PEM encoded TLS certifiate to use to verify connections to
+	// CABundle is a PEM encoded TLS certificate to use to verify connections to
 	// the TPP instance.
 	// If specified, system roots will not be used and the issuing CA for the
 	// TPP instance must be verifiable using the provided root.

pkg/apis/certmanager/v1alpha3/types_issuer.go

@@ -127,7 +127,7 @@ type VenafiTPP struct {
 	// The secret must contain two keys, 'username' and 'password'.
 	CredentialsRef cmmeta.LocalObjectReference `json:"credentialsRef"`
 
-	// CABundle is a PEM encoded TLS certifiate to use to verify connections to
+	// CABundle is a PEM encoded TLS certificate to use to verify connections to
 	// the TPP instance.
 	// If specified, system roots will not be used and the issuing CA for the
 	// TPP instance must be verifiable using the provided root.

pkg/controller/acmeorders/checks.go

@@ -51,7 +51,7 @@ func (c *controller) ordersForGenericIssuer(iss cmapi.GenericIssuer) ([]*cmacme.
 	orders, err := c.orderLister.List(labels.NewSelector())
 
 	if err != nil {
-		return nil, fmt.Errorf("error listing certificiates: %s", err.Error())
+		return nil, fmt.Errorf("error listing certificates: %s", err.Error())
 	}
 
 	_, isClusterIssuer := iss.(*cmapi.ClusterIssuer)

pkg/controller/certificaterequests/checks.go

@@ -55,7 +55,7 @@ func (c *Controller) certificatesRequestsForGenericIssuer(iss cmapi.GenericIssue
 	crts, err := c.certificateRequestLister.List(labels.NewSelector())
 
 	if err != nil {
-		return nil, fmt.Errorf("error listing certificiates: %s", err.Error())
+		return nil, fmt.Errorf("error listing certificates: %s", err.Error())
 	}
 
 	_, isClusterIssuer := iss.(*cmapi.ClusterIssuer)

pkg/controller/certificates/checks.go

@@ -61,7 +61,7 @@ func certificatesForSecret(certificateLister cmlisters.CertificateLister, secret
 	crts, err := certificateLister.List(labels.NewSelector())
 
 	if err != nil {
-		return nil, fmt.Errorf("error listing certificiates: %s", err.Error())
+		return nil, fmt.Errorf("error listing certificates: %s", err.Error())
 	}
 
 	var affected []*cmapi.Certificate

pkg/controller/clusterissuers/checks.go

@@ -29,7 +29,7 @@ func (c *controller) issuersForSecret(secret *corev1.Secret) ([]*v1alpha2.Cluste
 	issuers, err := c.clusterIssuerLister.List(labels.NewSelector())
 
 	if err != nil {
-		return nil, fmt.Errorf("error listing certificiates: %s", err.Error())
+		return nil, fmt.Errorf("error listing certificates: %s", err.Error())
 	}
 
 	var affected []*v1alpha2.ClusterIssuer

pkg/controller/ingress-shim/checks.go

@@ -30,7 +30,7 @@ func (c *controller) ingressesForCertificate(crt *v1alpha2.Certificate) ([]*extv
 	ings, err := c.ingressLister.List(labels.NewSelector())
 
 	if err != nil {
-		return nil, fmt.Errorf("error listing certificiates: %s", err.Error())
+		return nil, fmt.Errorf("error listing certificates: %s", err.Error())
 	}
 
 	var affected []*extv1beta1.Ingress

pkg/controller/issuers/checks.go

@@ -29,7 +29,7 @@ func (c *controller) issuersForSecret(secret *corev1.Secret) ([]*v1alpha2.Issuer
 	issuers, err := c.issuerLister.List(labels.NewSelector())
 
 	if err != nil {
-		return nil, fmt.Errorf("error listing certificiates: %s", err.Error())
+		return nil, fmt.Errorf("error listing certificates: %s", err.Error())
 	}
 
 	var affected []*v1alpha2.Issuer

pkg/internal/apis/certmanager/types_issuer.go

@@ -108,7 +108,7 @@ type VenafiTPP struct {
 	// The secret must contain two keys, 'username' and 'password'.
 	CredentialsRef cmmeta.LocalObjectReference
 
-	// CABundle is a PEM encoded TLS certifiate to use to verify connections to
+	// CABundle is a PEM encoded TLS certificate to use to verify connections to
 	// the TPP instance.
 	// If specified, system roots will not be used and the issuing CA for the
 	// TPP instance must be verifiable using the provided root.

pkg/internal/venafi/sign_test.go

@@ -77,7 +77,7 @@ func checkCertificateIssued(t *testing.T, csrPEM []byte, resp []byte) {
 	}
 }
 
-func checkNoCetificateIssued(t *testing.T, csrPEM []byte, resp []byte) {
+func checkNoCertificateIssued(t *testing.T, csrPEM []byte, resp []byte) {
 	if len(resp) > 0 {
 		t.Errorf("expected no response with error but got=%s", resp)
 	}
@@ -117,7 +117,7 @@ func TestSign(t *testing.T) {
 	tests := map[string]testSignT{
 		"if reading the zone configuration fails then error": {
 			csrPEM:      csrPEM,
-			checkFn:     checkNoCetificateIssued,
+			checkFn:     checkNoCertificateIssued,
 			expectedErr: true,
 			client: internalfake.Connector{
 				ReadZoneConfigurationFunc: func() (*endpoint.ZoneConfiguration, error) {
@@ -127,7 +127,7 @@ func TestSign(t *testing.T) {
 		},
 		"if validating the certificate fails then error": {
 			csrPEM:      csrPEM,
-			checkFn:     checkNoCetificateIssued,
+			checkFn:     checkNoCertificateIssued,
 			expectedErr: true,
 			client: internalfake.Connector{
 				ReadZoneConfigurationFunc: func() (*endpoint.ZoneConfiguration, error) {
@@ -141,7 +141,7 @@ func TestSign(t *testing.T) {
 		},
 		"a badly formed CSR should error": {
 			csrPEM:      []byte("a badly formed CSR"),
-			checkFn:     checkNoCetificateIssued,
+			checkFn:     checkNoCertificateIssued,
 			expectedErr: true,
 		},
 		"if requesting the certificate fails, sign should error": {
@@ -151,7 +151,7 @@ func TestSign(t *testing.T) {
 					return "", errors.New("request error")
 				},
 			}.Default(),
-			checkFn:     checkNoCetificateIssued,
+			checkFn:     checkNoCertificateIssued,
 			expectedErr: true,
 		},
 		"if retrive certificate fails, sign should error": {
@@ -161,12 +161,12 @@ func TestSign(t *testing.T) {
 					return nil, errors.New("request error")
 				},
 			}.Default(),
-			checkFn:     checkNoCetificateIssued,
+			checkFn:     checkNoCertificateIssued,
 			expectedErr: true,
 		},
 		"if no Common Name, DNS Name, or URI SANs in CSR then error": {
 			csrPEM:      csrNonePEM,
-			checkFn:     checkNoCetificateIssued,
+			checkFn:     checkNoCertificateIssued,
 			expectedErr: true,
 		},
 		"obtain a certificate with DNS names specified": {
@@ -194,7 +194,7 @@ func TestSign(t *testing.T) {
 		"If invalid custom field type found the error": {
 			csrPEM:       csrPEM,
 			customFields: []internalvanafiapi.CustomField{{Name: "test", Value: "ok", Type: "Bool"}},
-			checkFn:      checkNoCetificateIssued,
+			checkFn:      checkNoCertificateIssued,
 			expectedErr:  true,
 		},
 	}