diff --git a/deploy/crds/crd-certificates.yaml b/deploy/crds/crd-certificates.yaml index d7c557a95..6e50df9d0 100644 --- a/deploy/crds/crd-certificates.yaml +++ b/deploy/crds/crd-certificates.yaml @@ -338,6 +338,9 @@ spec: x-kubernetes-list-map-keys: - type x-kubernetes-list-type: map + issuanceAttempts: + description: The number of times certificate issuance has been attempted and failed for this revision (see the description of status.revision field). If an issuance has failed, the delay till the next issuance will be calculated using formula time.Hour * 2 ^ (issuanceAttempts - 1). This field will only be set if the issuance is currently failing. + type: integer lastFailureTime: description: LastFailureTime is the time as recorded by the Certificate controller of the most recent failure to complete a CertificateRequest for this Certificate resource. If set, cert-manager will not re-request another Certificate until 1 hour has elapsed from this time. type: string diff --git a/internal/apis/certmanager/types_certificate.go b/internal/apis/certmanager/types_certificate.go index a1fa43da7..379cf6ba0 100644 --- a/internal/apis/certmanager/types_certificate.go +++ b/internal/apis/certmanager/types_certificate.go @@ -372,6 +372,14 @@ type CertificateStatus struct { // It will automatically unset this field when the Issuing condition is // not set or False. NextPrivateKeySecretName *string + + // The number of times certificate issuance has been attempted and + // failed for this revision (see the description of status.revision + // field). If an issuance has failed, the delay till the next issuance + // will be calculated using formula time.Hour * 2 ^ (issuanceAttempts - 1). + // This field will only be set if the issuance is currently failing. + // +optional + IssuanceAttempts *int `json:"issuanceAttempts,omitempty"` } // CertificateCondition contains condition information for an Certificate. diff --git a/internal/apis/certmanager/v1/zz_generated.conversion.go b/internal/apis/certmanager/v1/zz_generated.conversion.go index 7ef875da5..2c43b41a5 100644 --- a/internal/apis/certmanager/v1/zz_generated.conversion.go +++ b/internal/apis/certmanager/v1/zz_generated.conversion.go @@ -877,6 +877,7 @@ func autoConvert_v1_CertificateStatus_To_certmanager_CertificateStatus(in *v1.Ce out.RenewalTime = (*metav1.Time)(unsafe.Pointer(in.RenewalTime)) out.Revision = (*int)(unsafe.Pointer(in.Revision)) out.NextPrivateKeySecretName = (*string)(unsafe.Pointer(in.NextPrivateKeySecretName)) + out.IssuanceAttempts = (*int)(unsafe.Pointer(in.IssuanceAttempts)) return nil } @@ -893,6 +894,7 @@ func autoConvert_certmanager_CertificateStatus_To_v1_CertificateStatus(in *certm out.RenewalTime = (*metav1.Time)(unsafe.Pointer(in.RenewalTime)) out.Revision = (*int)(unsafe.Pointer(in.Revision)) out.NextPrivateKeySecretName = (*string)(unsafe.Pointer(in.NextPrivateKeySecretName)) + out.IssuanceAttempts = (*int)(unsafe.Pointer(in.IssuanceAttempts)) return nil } diff --git a/internal/apis/certmanager/v1alpha2/types_certificate.go b/internal/apis/certmanager/v1alpha2/types_certificate.go index 9504c605b..0211c7363 100644 --- a/internal/apis/certmanager/v1alpha2/types_certificate.go +++ b/internal/apis/certmanager/v1alpha2/types_certificate.go @@ -377,6 +377,14 @@ type CertificateStatus struct { // not set or False. // +optional NextPrivateKeySecretName *string `json:"nextPrivateKeySecretName,omitempty"` + + // The number of times certificate issuance has been attempted and + // failed for this revision (see the description of status.revision + // field). If an issuance has failed, the delay till the next issuance + // will be calculated using formula time.Hour * 2 ^ (issuanceAttempts - 1). + // This field will only be set if the issuance is currently failing. + // +optional + IssuanceAttempts *int `json:"issuanceAttempts,omitempty"` } // CertificateCondition contains condition information for an Certificate. diff --git a/internal/apis/certmanager/v1alpha2/zz_generated.conversion.go b/internal/apis/certmanager/v1alpha2/zz_generated.conversion.go index 27971cbc7..7604f6d08 100644 --- a/internal/apis/certmanager/v1alpha2/zz_generated.conversion.go +++ b/internal/apis/certmanager/v1alpha2/zz_generated.conversion.go @@ -893,6 +893,7 @@ func autoConvert_v1alpha2_CertificateStatus_To_certmanager_CertificateStatus(in out.RenewalTime = (*v1.Time)(unsafe.Pointer(in.RenewalTime)) out.Revision = (*int)(unsafe.Pointer(in.Revision)) out.NextPrivateKeySecretName = (*string)(unsafe.Pointer(in.NextPrivateKeySecretName)) + out.IssuanceAttempts = (*int)(unsafe.Pointer(in.IssuanceAttempts)) return nil } @@ -909,6 +910,7 @@ func autoConvert_certmanager_CertificateStatus_To_v1alpha2_CertificateStatus(in out.RenewalTime = (*v1.Time)(unsafe.Pointer(in.RenewalTime)) out.Revision = (*int)(unsafe.Pointer(in.Revision)) out.NextPrivateKeySecretName = (*string)(unsafe.Pointer(in.NextPrivateKeySecretName)) + out.IssuanceAttempts = (*int)(unsafe.Pointer(in.IssuanceAttempts)) return nil } diff --git a/internal/apis/certmanager/v1alpha2/zz_generated.deepcopy.go b/internal/apis/certmanager/v1alpha2/zz_generated.deepcopy.go index f519c7bbc..315003394 100644 --- a/internal/apis/certmanager/v1alpha2/zz_generated.deepcopy.go +++ b/internal/apis/certmanager/v1alpha2/zz_generated.deepcopy.go @@ -521,6 +521,11 @@ func (in *CertificateStatus) DeepCopyInto(out *CertificateStatus) { *out = new(string) **out = **in } + if in.IssuanceAttempts != nil { + in, out := &in.IssuanceAttempts, &out.IssuanceAttempts + *out = new(int) + **out = **in + } return } diff --git a/internal/apis/certmanager/v1alpha3/types_certificate.go b/internal/apis/certmanager/v1alpha3/types_certificate.go index 42c5941f8..da82f3cab 100644 --- a/internal/apis/certmanager/v1alpha3/types_certificate.go +++ b/internal/apis/certmanager/v1alpha3/types_certificate.go @@ -384,6 +384,14 @@ type CertificateStatus struct { // not set or False. // +optional NextPrivateKeySecretName *string `json:"nextPrivateKeySecretName,omitempty"` + + // The number of times certificate issuance has been attempted and + // failed for this revision (see the description of status.revision + // field). If an issuance has failed, the delay till the next issuance + // will be calculated using formula time.Hour * 2 ^ (issuanceAttempts - 1). + // This field will only be set if the issuance is currently failing. + // +optional + IssuanceAttempts *int `json:"issuanceAttempts,omitempty"` } // CertificateCondition contains condition information for an Certificate. diff --git a/internal/apis/certmanager/v1alpha3/zz_generated.conversion.go b/internal/apis/certmanager/v1alpha3/zz_generated.conversion.go index 46082beef..7e873539f 100644 --- a/internal/apis/certmanager/v1alpha3/zz_generated.conversion.go +++ b/internal/apis/certmanager/v1alpha3/zz_generated.conversion.go @@ -892,6 +892,7 @@ func autoConvert_v1alpha3_CertificateStatus_To_certmanager_CertificateStatus(in out.RenewalTime = (*v1.Time)(unsafe.Pointer(in.RenewalTime)) out.Revision = (*int)(unsafe.Pointer(in.Revision)) out.NextPrivateKeySecretName = (*string)(unsafe.Pointer(in.NextPrivateKeySecretName)) + out.IssuanceAttempts = (*int)(unsafe.Pointer(in.IssuanceAttempts)) return nil } @@ -908,6 +909,7 @@ func autoConvert_certmanager_CertificateStatus_To_v1alpha3_CertificateStatus(in out.RenewalTime = (*v1.Time)(unsafe.Pointer(in.RenewalTime)) out.Revision = (*int)(unsafe.Pointer(in.Revision)) out.NextPrivateKeySecretName = (*string)(unsafe.Pointer(in.NextPrivateKeySecretName)) + out.IssuanceAttempts = (*int)(unsafe.Pointer(in.IssuanceAttempts)) return nil } diff --git a/internal/apis/certmanager/v1alpha3/zz_generated.deepcopy.go b/internal/apis/certmanager/v1alpha3/zz_generated.deepcopy.go index 0c1b81ab6..3a2d19091 100644 --- a/internal/apis/certmanager/v1alpha3/zz_generated.deepcopy.go +++ b/internal/apis/certmanager/v1alpha3/zz_generated.deepcopy.go @@ -516,6 +516,11 @@ func (in *CertificateStatus) DeepCopyInto(out *CertificateStatus) { *out = new(string) **out = **in } + if in.IssuanceAttempts != nil { + in, out := &in.IssuanceAttempts, &out.IssuanceAttempts + *out = new(int) + **out = **in + } return } diff --git a/internal/apis/certmanager/v1beta1/types_certificate.go b/internal/apis/certmanager/v1beta1/types_certificate.go index bc6bcb711..ed0070250 100644 --- a/internal/apis/certmanager/v1beta1/types_certificate.go +++ b/internal/apis/certmanager/v1beta1/types_certificate.go @@ -382,6 +382,14 @@ type CertificateStatus struct { // not set or False. // +optional NextPrivateKeySecretName *string `json:"nextPrivateKeySecretName,omitempty"` + + // The number of times certificate issuance has been attempted and + // failed for this revision (see the description of status.revision + // field). If an issuance has failed, the delay till the next issuance + // will be calculated using formula time.Hour * 2 ^ (issuanceAttempts - 1). + // This field will only be set if the issuance is currently failing. + // +optional + IssuanceAttempts *int `json:"issuanceAttempts,omitempty"` } // CertificateCondition contains condition information for an Certificate. diff --git a/internal/apis/certmanager/v1beta1/zz_generated.conversion.go b/internal/apis/certmanager/v1beta1/zz_generated.conversion.go index 0dc61520c..4740693f2 100644 --- a/internal/apis/certmanager/v1beta1/zz_generated.conversion.go +++ b/internal/apis/certmanager/v1beta1/zz_generated.conversion.go @@ -885,6 +885,7 @@ func autoConvert_v1beta1_CertificateStatus_To_certmanager_CertificateStatus(in * out.RenewalTime = (*v1.Time)(unsafe.Pointer(in.RenewalTime)) out.Revision = (*int)(unsafe.Pointer(in.Revision)) out.NextPrivateKeySecretName = (*string)(unsafe.Pointer(in.NextPrivateKeySecretName)) + out.IssuanceAttempts = (*int)(unsafe.Pointer(in.IssuanceAttempts)) return nil } @@ -901,6 +902,7 @@ func autoConvert_certmanager_CertificateStatus_To_v1beta1_CertificateStatus(in * out.RenewalTime = (*v1.Time)(unsafe.Pointer(in.RenewalTime)) out.Revision = (*int)(unsafe.Pointer(in.Revision)) out.NextPrivateKeySecretName = (*string)(unsafe.Pointer(in.NextPrivateKeySecretName)) + out.IssuanceAttempts = (*int)(unsafe.Pointer(in.IssuanceAttempts)) return nil } diff --git a/internal/apis/certmanager/v1beta1/zz_generated.deepcopy.go b/internal/apis/certmanager/v1beta1/zz_generated.deepcopy.go index db10a6d80..5db3460a4 100644 --- a/internal/apis/certmanager/v1beta1/zz_generated.deepcopy.go +++ b/internal/apis/certmanager/v1beta1/zz_generated.deepcopy.go @@ -516,6 +516,11 @@ func (in *CertificateStatus) DeepCopyInto(out *CertificateStatus) { *out = new(string) **out = **in } + if in.IssuanceAttempts != nil { + in, out := &in.IssuanceAttempts, &out.IssuanceAttempts + *out = new(int) + **out = **in + } return } diff --git a/internal/apis/certmanager/zz_generated.deepcopy.go b/internal/apis/certmanager/zz_generated.deepcopy.go index 341996d56..8d7f2f68a 100644 --- a/internal/apis/certmanager/zz_generated.deepcopy.go +++ b/internal/apis/certmanager/zz_generated.deepcopy.go @@ -516,6 +516,11 @@ func (in *CertificateStatus) DeepCopyInto(out *CertificateStatus) { *out = new(string) **out = **in } + if in.IssuanceAttempts != nil { + in, out := &in.IssuanceAttempts, &out.IssuanceAttempts + *out = new(int) + **out = **in + } return } diff --git a/pkg/apis/certmanager/v1/types_certificate.go b/pkg/apis/certmanager/v1/types_certificate.go index 9fb115300..f595e99cc 100644 --- a/pkg/apis/certmanager/v1/types_certificate.go +++ b/pkg/apis/certmanager/v1/types_certificate.go @@ -437,6 +437,14 @@ type CertificateStatus struct { // not set or False. // +optional NextPrivateKeySecretName *string `json:"nextPrivateKeySecretName,omitempty"` + + // The number of times certificate issuance has been attempted and + // failed for this revision (see the description of status.revision + // field). If an issuance has failed, the delay till the next issuance + // will be calculated using formula time.Hour * 2 ^ (issuanceAttempts - 1). + // This field will only be set if the issuance is currently failing. + // +optional + IssuanceAttempts *int `json:"issuanceAttempts,omitempty"` } // CertificateCondition contains condition information for an Certificate. diff --git a/pkg/apis/certmanager/v1/zz_generated.deepcopy.go b/pkg/apis/certmanager/v1/zz_generated.deepcopy.go index 6b01938d3..6038a6111 100644 --- a/pkg/apis/certmanager/v1/zz_generated.deepcopy.go +++ b/pkg/apis/certmanager/v1/zz_generated.deepcopy.go @@ -516,6 +516,11 @@ func (in *CertificateStatus) DeepCopyInto(out *CertificateStatus) { *out = new(string) **out = **in } + if in.IssuanceAttempts != nil { + in, out := &in.IssuanceAttempts, &out.IssuanceAttempts + *out = new(int) + **out = **in + } return }