Merge pull request #3693 from irbekrm/3683_remove_renew_before_expiry_flag

Removes the deprecated renew-before-expiry flag
2021-02-22 11:50:47 +01:00 · 2021-02-22 11:50:47 +01:00 · a43e3309c2
commit a43e3309c2
parent a2427c5b45 b852e97ffb
5 changed files with 2 additions and 17 deletions
--- a/cmd/controller/app/controller.go
+++ b/cmd/controller/app/controller.go
@ -238,8 +238,7 @@ func buildControllerContext(ctx context.Context, stopCh <-chan struct{}, opts *o
 			DefaultAutoCertificateAnnotations: opts.DefaultAutoCertificateAnnotations,
 		},
 		CertificateOptions: controller.CertificateOptions{
-			EnableOwnerRef:            opts.EnableCertificateOwnerRef,
-			RenewBeforeExpiryDuration: opts.RenewBeforeExpiryDuration,
+			EnableOwnerRef: opts.EnableCertificateOwnerRef,
 		},
 		SchedulerOptions: controller.SchedulerOptions{
 			MaxConcurrentChallenges: opts.MaxConcurrentChallenges,
--- a/cmd/controller/app/options/BUILD.bazel
+++ b/cmd/controller/app/options/BUILD.bazel
@ -7,7 +7,6 @@ go_library(
    visibility = ["//visibility:public"],
    deps = [
        "//pkg/apis/certmanager:go_default_library",
-        "//pkg/apis/certmanager/v1:go_default_library",
        "//pkg/controller/acmechallenges:go_default_library",
        "//pkg/controller/acmeorders:go_default_library",
        "//pkg/controller/certificaterequests/acme:go_default_library",
--- a/cmd/controller/app/options/options.go
+++ b/cmd/controller/app/options/options.go
@ -24,7 +24,6 @@ import (
 	"github.com/spf13/pflag"

 	cm "github.com/jetstack/cert-manager/pkg/apis/certmanager"
-	cmapi "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1"
 	challengescontroller "github.com/jetstack/cert-manager/pkg/controller/acmechallenges"
 	orderscontroller "github.com/jetstack/cert-manager/pkg/controller/acmeorders"
 	cracmecontroller "github.com/jetstack/cert-manager/pkg/controller/certificaterequests/acme"
@ -69,7 +68,6 @@ type ControllerOptions struct {

 	ClusterIssuerAmbientCredentials bool
 	IssuerAmbientCredentials        bool
-	RenewBeforeExpiryDuration       time.Duration

 	// Default issuer/certificates details consumed by ingress-shim
 	DefaultIssuerName                 string
@ -114,7 +112,6 @@ const (

 	defaultClusterIssuerAmbientCredentials = true
 	defaultIssuerAmbientCredentials        = false
-	defaultRenewBeforeExpiryDuration       = cmapi.DefaultRenewBefore

 	defaultTLSACMEIssuerName         = ""
 	defaultTLSACMEIssuerKind         = "Issuer"
@ -175,7 +172,6 @@ func NewControllerOptions() *ControllerOptions {
 		EnabledControllers:                defaultEnabledControllers,
 		ClusterIssuerAmbientCredentials:   defaultClusterIssuerAmbientCredentials,
 		IssuerAmbientCredentials:          defaultIssuerAmbientCredentials,
-		RenewBeforeExpiryDuration:         defaultRenewBeforeExpiryDuration,
 		DefaultIssuerName:                 defaultTLSACMEIssuerName,
 		DefaultIssuerKind:                 defaultTLSACMEIssuerKind,
 		DefaultIssuerGroup:                defaultTLSACMEIssuerGroup,
@ -249,11 +245,6 @@ func (s *ControllerOptions) AddFlags(fs *pflag.FlagSet) {
 		"Whether an issuer may make use of ambient credentials. 'Ambient Credentials' are credentials drawn from the environment, metadata services, or local files which are not explicitly configured in the Issuer API object. "+
 		"When this flag is enabled, the following sources for credentials are also used: "+
 		"AWS - All sources the Go SDK defaults to, notably including any EC2 IAM roles available via instance metadata.")
-	fs.DurationVar(&s.RenewBeforeExpiryDuration, "renew-before-expiry-duration", defaultRenewBeforeExpiryDuration, ""+
-		"The default 'renew before expiry' time for Certificates. "+
-		"Once a certificate is within this duration until expiry, a new Certificate "+
-		"will be attempted to be issued.")
-	fs.MarkDeprecated("renew-before-expiry-duration", "Deprecated. Please set the Certificate.Spec.RenewBefore field.")
 	fs.StringSliceVar(&s.DefaultAutoCertificateAnnotations, "auto-certificate-annotations", defaultAutoCertificateAnnotations, ""+
 		"The annotation consumed by the ingress-shim controller to indicate a ingress is requesting a certificate")

--- a/pkg/controller/certificates/readiness/readiness_controller.go
+++ b/pkg/controller/certificates/readiness/readiness_controller.go
@ -215,7 +215,7 @@ func (c *controllerWrapper) Register(ctx *controllerpkg.Context) (workqueue.Rate
 		ctx.KubeSharedInformerFactory,
 		ctx.SharedInformerFactory,
 		PolicyChain,
-		ctx.CertificateOptions.RenewBeforeExpiryDuration,
+		cmapi.DefaultRenewBefore,
 	)
 	c.controller = ctrl

--- a/pkg/controller/context.go
+++ b/pkg/controller/context.go
@ -138,10 +138,6 @@ type CertificateOptions struct {
 	// EnableOwnerRef controls whether the certificate is configured as an owner of
 	// secret where the effective TLS certificate is stored.
 	EnableOwnerRef bool
-	// RenewBeforeExpiryDuration is the default 'renew before expiry' time for Certificates.
-	// Once a certificate is within this duration until expiry, a new Certificate
-	// will be attempted to be issued.
-	RenewBeforeExpiryDuration time.Duration
 }

 type SchedulerOptions struct {