fix controller-gen errors

Signed-off-by: Norwin Schnyder <norwin.schnyder+github@gmail.com>
2023-12-12 18:23:31 +01:00 · 2023-12-12 18:23:31 +01:00 · b79e73f484
commit b79e73f484
parent 56dcb3e1dd
2 changed files with 7 additions and 7 deletions
--- a/deploy/crds/crd-certificates.yaml
+++ b/deploy/crds/crd-certificates.yaml
@ -153,6 +153,12 @@ spec:
                        - create
                        - passwordSecretRef
                      properties:
+                        algorithm:
+                          description: "Algorithm is the encryption and MAC algorithms used to create the PKCS12 keystore. \n If provided, allowed values are either `RC2-40-CBC:HMAC-SHA-1` or `AES-256-CBC:HMAC-SHA-2`. Default value is `RC2-40-CBC:HMAC-SHA-1` for backward compatibility. Note: By default, OpenSSL 3 can't decode PKCS#12 files created using `RC2-40-CBC:HMAC-SHA-1`."
+                          type: string
+                          enum:
+                            - RC2-40-CBC:HMAC-SHA-1
+                            - AES-256-CBC:HMAC-SHA-2
                        create:
                          description: Create enables PKCS12 keystore creation for the Certificate. If true, a file named `keystore.p12` will be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef`. The keystore file will be updated immediately. If the issuer provided a CA certificate, a file named `truststore.p12` will also be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef` containing the issuing Certificate Authority
                          type: boolean
@ -168,12 +174,6 @@ spec:
                            name:
                              description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                              type: string
-                        algorithm:
-                          description: "Algorithm is the encryption and MAC algorithms used to create the PKCS12 keystore. \n If provided, allowed values are either `RC2-40-CBC:HMAC-SHA-1` or `AES-256-CBC:HMAC-SHA-2`. Default value is `RC2-40-CBC:HMAC-SHA-1` for backward compatibility. Note: By default, OpenSSL 3 can't decode PKCS#12 files created using `RC2-40-CBC:HMAC-SHA-1`."
-                          type: string
-                          enum:
-                            - RC2-40-CBC:HMAC-SHA-1
-                            - AES-256-CBC:HMAC-SHA-2
                literalSubject:
                  description: "Requested X.509 certificate subject, represented using the LDAP \"String Representation of a Distinguished Name\" [1]. Important: the LDAP string format also specifies the order of the attributes in the subject, this is important when issuing certs for LDAP authentication. Example: `CN=foo,DC=corp,DC=example,DC=com` More info [1]: https://datatracker.ietf.org/doc/html/rfc4514 More info: https://github.com/cert-manager/cert-manager/issues/3203 More info: https://github.com/cert-manager/cert-manager/issues/4424 \n Cannot be set if the `subject` or `commonName` field is set. This is an Alpha Feature and is only enabled with the `--feature-gates=LiteralCertificateSubject=true` option set on both the controller and webhook components."
                  type: string
--- a/pkg/apis/certmanager/v1/types_certificate.go
+++ b/pkg/apis/certmanager/v1/types_certificate.go
@ -471,7 +471,7 @@ type PKCS12Keystore struct {
 	Algorithm PKCS12Algorithm `json:"algorithm,omitempty"`
 }

-// +kubebuilder:validation:Enum=RC2-40-CBC:HMAC-SHA-1;AES-256-CBC:HMAC-SHA-2
+// +kubebuilder:validation:Enum="RC2-40-CBC:HMAC-SHA-1";"AES-256-CBC:HMAC-SHA-2"
 type PKCS12Algorithm string

 const (