From b79e73f484599fdc3bd88d8ef678ef0cde81a411 Mon Sep 17 00:00:00 2001 From: Norwin Schnyder Date: Tue, 12 Dec 2023 18:23:31 +0100 Subject: [PATCH] fix controller-gen errors Signed-off-by: Norwin Schnyder --- deploy/crds/crd-certificates.yaml | 12 ++++++------ pkg/apis/certmanager/v1/types_certificate.go | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/deploy/crds/crd-certificates.yaml b/deploy/crds/crd-certificates.yaml index a2ee9b5a3..10163ad10 100644 --- a/deploy/crds/crd-certificates.yaml +++ b/deploy/crds/crd-certificates.yaml @@ -153,6 +153,12 @@ spec: - create - passwordSecretRef properties: + algorithm: + description: "Algorithm is the encryption and MAC algorithms used to create the PKCS12 keystore. \n If provided, allowed values are either `RC2-40-CBC:HMAC-SHA-1` or `AES-256-CBC:HMAC-SHA-2`. Default value is `RC2-40-CBC:HMAC-SHA-1` for backward compatibility. Note: By default, OpenSSL 3 can't decode PKCS#12 files created using `RC2-40-CBC:HMAC-SHA-1`." + type: string + enum: + - RC2-40-CBC:HMAC-SHA-1 + - AES-256-CBC:HMAC-SHA-2 create: description: Create enables PKCS12 keystore creation for the Certificate. If true, a file named `keystore.p12` will be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef`. The keystore file will be updated immediately. If the issuer provided a CA certificate, a file named `truststore.p12` will also be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef` containing the issuing Certificate Authority type: boolean @@ -168,12 +174,6 @@ spec: name: description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - algorithm: - description: "Algorithm is the encryption and MAC algorithms used to create the PKCS12 keystore. \n If provided, allowed values are either `RC2-40-CBC:HMAC-SHA-1` or `AES-256-CBC:HMAC-SHA-2`. Default value is `RC2-40-CBC:HMAC-SHA-1` for backward compatibility. Note: By default, OpenSSL 3 can't decode PKCS#12 files created using `RC2-40-CBC:HMAC-SHA-1`." - type: string - enum: - - RC2-40-CBC:HMAC-SHA-1 - - AES-256-CBC:HMAC-SHA-2 literalSubject: description: "Requested X.509 certificate subject, represented using the LDAP \"String Representation of a Distinguished Name\" [1]. Important: the LDAP string format also specifies the order of the attributes in the subject, this is important when issuing certs for LDAP authentication. Example: `CN=foo,DC=corp,DC=example,DC=com` More info [1]: https://datatracker.ietf.org/doc/html/rfc4514 More info: https://github.com/cert-manager/cert-manager/issues/3203 More info: https://github.com/cert-manager/cert-manager/issues/4424 \n Cannot be set if the `subject` or `commonName` field is set. This is an Alpha Feature and is only enabled with the `--feature-gates=LiteralCertificateSubject=true` option set on both the controller and webhook components." type: string diff --git a/pkg/apis/certmanager/v1/types_certificate.go b/pkg/apis/certmanager/v1/types_certificate.go index 0726ade55..353da78bb 100644 --- a/pkg/apis/certmanager/v1/types_certificate.go +++ b/pkg/apis/certmanager/v1/types_certificate.go @@ -471,7 +471,7 @@ type PKCS12Keystore struct { Algorithm PKCS12Algorithm `json:"algorithm,omitempty"` } -// +kubebuilder:validation:Enum=RC2-40-CBC:HMAC-SHA-1;AES-256-CBC:HMAC-SHA-2 +// +kubebuilder:validation:Enum="RC2-40-CBC:HMAC-SHA-1";"AES-256-CBC:HMAC-SHA-2" type PKCS12Algorithm string const (