From c2cbbe0145d29af600f91b15ba367aa244e949bd Mon Sep 17 00:00:00 2001
From: James Munnelly
Date: Sun, 10 Sep 2017 20:38:07 +0100
Subject: [PATCH] Add CA field to Issuer
---
pkg/apis/certmanager/v1alpha1/types.go | 107 +++++++++---------
.../v1alpha1/zz_generated.deepcopy.go | 30 +++++
2 files changed, 86 insertions(+), 51 deletions(-)
diff --git a/pkg/apis/certmanager/v1alpha1/types.go b/pkg/apis/certmanager/v1alpha1/types.go
index 1a2e4b00e..399add10a 100644
--- a/pkg/apis/certmanager/v1alpha1/types.go
+++ b/pkg/apis/certmanager/v1alpha1/types.go
@@ -47,6 +47,62 @@ type IssuerList struct {
 // configuration required for the issuer.
 type IssuerSpec struct {
 ACME *ACMEIssuer `json:"acme,omitempty"`
+ CA *CAIssuer `json:"ca,omitempty"`
+}
+
+type CAIssuer struct {
+ SecretRef LocalObjectReference `json:"secretRef"`
+}
+
+// ACMEIssuer contains the specification for an ACME issuer
+type ACMEIssuer struct {
+ // Email is the email for this account
+ Email string `json:"email"`
+ // Server is the ACME server URL
+ Server string `json:"server"`
+ // PrivateKey is the name of a secret containing the private key for this
+ // user account.
+ PrivateKey string `json:"privateKey"`
+ // DNS-01 config
+ DNS01 *ACMEIssuerDNS01Config `json:"dns-01"`
+}
+
+// ACMEIssuerDNS01Config is a structure containing the ACME DNS configuration
+// option. One and only one of the fields within it should be set, when the
+// ACME challenge type is set to dns-01
+type ACMEIssuerDNS01Config struct {
+ Providers []ACMEIssuerDNS01Provider `json:"providers"`
+}
+
+type ACMEIssuerDNS01Provider struct {
+ Name string `json:"name"`
+
+ CloudDNS *ACMEIssuerDNS01ProviderCloudDNS `json:"clouddns,omitempty"`
+ Cloudflare *ACMEIssuerDNS01ProviderCloudflare `json:"cloudflare,omitempty"`
+ Route53 *ACMEIssuerDNS01ProviderRoute53 `json:"route53,omitempty"`
+}
+
+// ACMEIssuerDNS01ProviderCloudDNS is a structure containing the DNS
+// configuration for Google Cloud DNS
+type ACMEIssuerDNS01ProviderCloudDNS struct {
+ ServiceAccount SecretKeySelector `json:"serviceAccount"`
+ Project string `json:"project"`
+}
+
+// ACMEIssuerDNS01ProviderCloudflare is a structure containing the DNS
+// configuration for Cloudflare
+type ACMEIssuerDNS01ProviderCloudflare struct {
+ Email string `json:"email"`
+ APIKey SecretKeySelector `json:"apiKey"`
+}
+
+// ACMEIssuerDNS01ProviderRoute53 is a structure containing the Route 53
+// configuration for AWS
+type ACMEIssuerDNS01ProviderRoute53 struct {
+ AccessKeyID string `json:"accessKeyID"`
+ SecretAccessKey SecretKeySelector `json:"secretAccessKey"`
+ HostedZoneID string `json:"hostedZoneID"`
+ Region string `json:"region"`
 }

 // IssuerStatus contains status information about an Issuer
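Review bot: `IssuerSpec` now has two optional issuer configurations, `ACME` and `CA`, and nothing in this hunk states or enforces that exactly one of them is set, so a spec with both or neither is representable; any validation elsewhere is not visible here. The new `CAIssuer` type and its `SecretRef` field are also added without doc comments, even though the referenced Secret presumably holds the CA signing key pair and is the most sensitive object this API points at. I would add `// CAIssuer configures an issuer that signs certificates using a CA key pair stored in a Secret.` above the type and `// SecretRef names the Secret holding the CA certificate and private key; as a LocalObjectReference it is presumably resolved in the Issuer's own namespace.` above the field, adjusted to what the controller actually reads. A matching line on `IssuerSpec`, `// Exactly one of ACME or CA must be set.`, would give validation and RBAC review a written contract to check against.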
@@ -104,57 +160,6 @@ const ( ConditionUnknown ConditionStatus = "Unknown" ) -// ACMEIssuer contains the specification for an ACME issuer -type ACMEIssuer struct { - // Email is the email for this account - Email string `json:"email"` - // Server is the ACME server URL - Server string `json:"server"` - // PrivateKey is the name of a secret containing the private key for this - // user account. - PrivateKey string `json:"privateKey"` - // DNS-01 config - DNS01 *ACMEIssuerDNS01Config `json:"dns-01"` -} - -// ACMEIssuerDNS01Config is a structure containing the ACME DNS configuration -// option. One and only one of the fields within it should be set, when the -// ACME challenge type is set to dns-01 -type ACMEIssuerDNS01Config struct { - Providers []ACMEIssuerDNS01Provider `json:"providers"` -} - -type ACMEIssuerDNS01Provider struct { - Name string `json:"name"` - - CloudDNS *ACMEIssuerDNS01ProviderCloudDNS `json:"clouddns,omitempty"` - Cloudflare *ACMEIssuerDNS01ProviderCloudflare `json:"cloudflare,omitempty"` - Route53 *ACMEIssuerDNS01ProviderRoute53 `json:"route53,omitempty"` -} - -// ACMEIssuerDNS01ProviderCloudDNS is a structure containing the DNS -// configuration for Google Cloud DNS -type ACMEIssuerDNS01ProviderCloudDNS struct { - ServiceAccount SecretKeySelector `json:"serviceAccount"` - Project string `json:"project"` -} - -// ACMEIssuerDNS01ProviderCloudflare is a structure containing the DNS -// configuration for Cloudflare -type ACMEIssuerDNS01ProviderCloudflare struct { - Email string `json:"email"` - APIKey SecretKeySelector `json:"apiKey"` -} - -// ACMEIssuerDNS01ProviderRoute53 is a structure containing the Route 53 -// configuration for AWS -type ACMEIssuerDNS01ProviderRoute53 struct { - AccessKeyID string `json:"accessKeyID"` - SecretAccessKey SecretKeySelector `json:"secretAccessKey"` - HostedZoneID string `json:"hostedZoneID"` - Region string `json:"region"` -} - type ACMEIssuerStatus struct { // URI is the unique account identifier, which can also 
be used to retrieve // account details from the CA diff --git a/pkg/apis/certmanager/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/certmanager/v1alpha1/zz_generated.deepcopy.go index a84025c38..582d4832c 100644 --- a/pkg/apis/certmanager/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/certmanager/v1alpha1/zz_generated.deepcopy.go @@ -84,6 +84,10 @@ func RegisterDeepCopies(scheme *runtime.Scheme) error { in.(*ACMEIssuerStatus).DeepCopyInto(out.(*ACMEIssuerStatus)) return nil }, InType: reflect.TypeOf(&ACMEIssuerStatus{})}, + conversion.GeneratedDeepCopyFunc{Fn: func(in interface{}, out interface{}, c *conversion.Cloner) error { + in.(*CAIssuer).DeepCopyInto(out.(*CAIssuer)) + return nil + }, InType: reflect.TypeOf(&CAIssuer{})}, conversion.GeneratedDeepCopyFunc{Fn: func(in interface{}, out interface{}, c *conversion.Cloner) error { in.(*Certificate).DeepCopyInto(out.(*Certificate)) return nil @@ -416,6 +420,23 @@ func (in *ACMEIssuerStatus) DeepCopy() *ACMEIssuerStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CAIssuer) DeepCopyInto(out *CAIssuer) { + *out = *in + out.SecretRef = in.SecretRef + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CAIssuer. +func (in *CAIssuer) DeepCopy() *CAIssuer { + if in == nil { + return nil + } + out := new(CAIssuer) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Certificate) DeepCopyInto(out *Certificate) { *out = *in @@ -664,6 +685,15 @@ func (in *IssuerSpec) DeepCopyInto(out *IssuerSpec) { (*in).DeepCopyInto(*out) } } + if in.CA != nil { + in, out := &in.CA, &out.CA + if *in == nil { + *out = nil + } else { + *out = new(CAIssuer) + **out = **in + } + } return }