weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Set certificate name annotation in certificates controller

Browse Source 
Signed-off-by: James Munnelly <james@munnelly.eu>
This commit is contained in:
James Munnelly 2019-08-02 18:39:34 +01:00
parent c9583268af
commit c4e00311ba
3 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/controller/certificates/sync.go
View File

@ -452,9 +452,11 @@ func (c *controller) updateSecret(ctx context.Context, crt *v1alpha1.Certificate
secret.Annotations[v1alpha1.CommonNameAnnotationKey] = x509Cert.Subject.CommonName
secret.Annotations[v1alpha1.AltNamesAnnotationKey] = strings.Join(x509Cert.DNSNames, ",")
secret.Annotations[v1alpha1.IPSANAnnotationKey] = strings.Join(pki.IPAddressesToString(x509Cert.IPAddresses), ",")
secret.Annotations[v1alpha1.CertificateNameKey] = crt.Name
}
// Always set the certificate name label on the target secret
// TODO: remove this behaviour - there is a max length limit of 64 chars on label values which causes issues here
secret.Labels[v1alpha1.CertificateNameKey] = crt.Name
// set the actual values in the secret

8
pkg/controller/certificates/sync_test.go
View File

@ -222,6 +222,7 @@ func TestSync(t *testing.T) {
cmapi.CertificateNameKey: "test",
},
Annotations: map[string]string{
cmapi.CertificateNameKey: "test",
"certmanager.k8s.io/alt-names": "example.com",
"certmanager.k8s.io/common-name": "example.com",
"certmanager.k8s.io/ip-sans": "",
@ -290,6 +291,7 @@ func TestSync(t *testing.T) {
},
Annotations: map[string]string{
"testannotation": "true",
cmapi.CertificateNameKey: "test",
"certmanager.k8s.io/alt-names": "example.com",
"certmanager.k8s.io/common-name": "example.com",
"certmanager.k8s.io/ip-sans": "",
@ -340,6 +342,7 @@ func TestSync(t *testing.T) {
cmapi.CertificateNameKey: "test",
},
Annotations: map[string]string{
cmapi.CertificateNameKey: "test",
"certmanager.k8s.io/alt-names": "example.com",
"certmanager.k8s.io/common-name": "example.com",
"certmanager.k8s.io/ip-sans": "",
@ -408,6 +411,7 @@ func TestSync(t *testing.T) {
},
Annotations: map[string]string{
"testannotation": "true",
cmapi.CertificateNameKey: "test",
"certmanager.k8s.io/alt-names": "example.com",
"certmanager.k8s.io/common-name": "example.com",
"certmanager.k8s.io/ip-sans": "",
@ -492,6 +496,7 @@ func TestSync(t *testing.T) {
},
Annotations: map[string]string{
"testannotation": "true",
cmapi.CertificateNameKey: "test",
"certmanager.k8s.io/alt-names": "example.com",
"certmanager.k8s.io/common-name": "example.com",
"certmanager.k8s.io/ip-sans": "",
@ -620,6 +625,7 @@ func TestSync(t *testing.T) {
},
Annotations: map[string]string{
"testannotation": "true",
cmapi.CertificateNameKey: "test",
"certmanager.k8s.io/alt-names": "example.com",
"certmanager.k8s.io/common-name": "example.com",
"certmanager.k8s.io/ip-sans": "",
@ -707,6 +713,7 @@ func TestSync(t *testing.T) {
},
Annotations: map[string]string{
"testannotation": "true",
cmapi.CertificateNameKey: "test",
"certmanager.k8s.io/alt-names": "example.com",
"certmanager.k8s.io/common-name": "example.com",
"certmanager.k8s.io/ip-sans": "",
@ -798,6 +805,7 @@ func TestSync(t *testing.T) {
cmapi.CertificateNameKey: "test",
},
Annotations: map[string]string{
cmapi.CertificateNameKey: "test",
"certmanager.k8s.io/alt-names": "example.com",
"certmanager.k8s.io/common-name": "example.com",
"certmanager.k8s.io/ip-sans": "",

2
test/e2e/framework/helper/certificates.go
View File

@ -163,7 +163,7 @@ func (h *Helper) ValidateIssuedCertificate(certificate *v1alpha1.Certificate, ro
return nil, fmt.Errorf("Expected certificate expiry date to be %v, but got %v", certificate.Status.NotAfter, cert.NotAfter)
}
label, ok := secret.Labels[v1alpha1.CertificateNameKey]
label, ok := secret.Annotations[v1alpha1.CertificateNameKey]
if !ok {
return nil, fmt.Errorf("Expected secret to have certificate-name label, but had none")
}