diff --git a/deploy/crds/crd-clusterissuers.yaml b/deploy/crds/crd-clusterissuers.yaml index 0e179b981..2530dceaf 100644 --- a/deploy/crds/crd-clusterissuers.yaml +++ b/deploy/crds/crd-clusterissuers.yaml @@ -1078,7 +1078,7 @@ spec: description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string caBundle: - description: PEM encoded CA bundle used to validate Vault server certificate. Only used if the Server URL is using HTTPS protocol. This parameter is ignored for plain HTTP protocol connection. If not set the system root certificates are used to validate the TLS connection. + description: PEM-encoded CA bundle (base64-encoded) used to validate Vault server certificate. Only used if the Server URL is using HTTPS protocol. This parameter is ignored for plain HTTP protocol connection. If not set the system root certificates are used to validate the TLS connection. type: string format: byte namespace: @@ -2235,7 +2235,7 @@ spec: description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string caBundle: - description: PEM encoded CA bundle used to validate Vault server certificate. Only used if the Server URL is using HTTPS protocol. This parameter is ignored for plain HTTP protocol connection. If not set the system root certificates are used to validate the TLS connection. + description: PEM-encoded CA bundle (base64-encoded) used to validate Vault server certificate. Only used if the Server URL is using HTTPS protocol. This parameter is ignored for plain HTTP protocol connection. If not set the system root certificates are used to validate the TLS connection. type: string format: byte namespace: @@ -3394,7 +3394,7 @@ spec: description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string caBundle: - description: PEM encoded CA bundle used to validate Vault server certificate. Only used if the Server URL is using HTTPS protocol. This parameter is ignored for plain HTTP protocol connection. If not set the system root certificates are used to validate the TLS connection. + description: PEM-encoded CA bundle (base64-encoded) used to validate Vault server certificate. Only used if the Server URL is using HTTPS protocol. This parameter is ignored for plain HTTP protocol connection. If not set the system root certificates are used to validate the TLS connection. type: string format: byte namespace: @@ -4553,7 +4553,7 @@ spec: description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string caBundle: - description: PEM encoded CA bundle used to validate Vault server certificate. Only used if the Server URL is using HTTPS protocol. This parameter is ignored for plain HTTP protocol connection. If not set the system root certificates are used to validate the TLS connection. + description: PEM-encoded CA bundle (base64-encoded) used to validate Vault server certificate. Only used if the Server URL is using HTTPS protocol. This parameter is ignored for plain HTTP protocol connection. If not set the system root certificates are used to validate the TLS connection. type: string format: byte namespace: diff --git a/deploy/crds/crd-issuers.yaml b/deploy/crds/crd-issuers.yaml index c8051c8c1..721517a31 100644 --- a/deploy/crds/crd-issuers.yaml +++ b/deploy/crds/crd-issuers.yaml @@ -1078,7 +1078,7 @@ spec: description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string caBundle: - description: PEM encoded CA bundle used to validate Vault server certificate. Only used if the Server URL is using HTTPS protocol. This parameter is ignored for plain HTTP protocol connection. If not set the system root certificates are used to validate the TLS connection. + description: PEM-encoded CA bundle (base64-encoded) used to validate Vault server certificate. Only used if the Server URL is using HTTPS protocol. This parameter is ignored for plain HTTP protocol connection. If not set the system root certificates are used to validate the TLS connection. type: string format: byte namespace: @@ -2235,7 +2235,7 @@ spec: description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string caBundle: - description: PEM encoded CA bundle used to validate Vault server certificate. Only used if the Server URL is using HTTPS protocol. This parameter is ignored for plain HTTP protocol connection. If not set the system root certificates are used to validate the TLS connection. + description: PEM-encoded CA bundle (base64-encoded) used to validate Vault server certificate. Only used if the Server URL is using HTTPS protocol. This parameter is ignored for plain HTTP protocol connection. If not set the system root certificates are used to validate the TLS connection. type: string format: byte namespace: @@ -3394,7 +3394,7 @@ spec: description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string caBundle: - description: PEM encoded CA bundle used to validate Vault server certificate. Only used if the Server URL is using HTTPS protocol. This parameter is ignored for plain HTTP protocol connection. If not set the system root certificates are used to validate the TLS connection. + description: PEM-encoded CA bundle (base64-encoded) used to validate Vault server certificate. Only used if the Server URL is using HTTPS protocol. This parameter is ignored for plain HTTP protocol connection. If not set the system root certificates are used to validate the TLS connection. type: string format: byte namespace: @@ -4553,7 +4553,7 @@ spec: description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string caBundle: - description: PEM encoded CA bundle used to validate Vault server certificate. Only used if the Server URL is using HTTPS protocol. This parameter is ignored for plain HTTP protocol connection. If not set the system root certificates are used to validate the TLS connection. + description: PEM-encoded CA bundle (base64-encoded) used to validate Vault server certificate. Only used if the Server URL is using HTTPS protocol. This parameter is ignored for plain HTTP protocol connection. If not set the system root certificates are used to validate the TLS connection. type: string format: byte namespace: diff --git a/pkg/apis/certmanager/v1/types_issuer.go b/pkg/apis/certmanager/v1/types_issuer.go index 9a929fc1a..61d351e52 100644 --- a/pkg/apis/certmanager/v1/types_issuer.go +++ b/pkg/apis/certmanager/v1/types_issuer.go @@ -203,10 +203,10 @@ type VaultIssuer struct { // +optional Namespace string `json:"namespace,omitempty"` - // PEM encoded CA bundle used to validate Vault server certificate. Only used - // if the Server URL is using HTTPS protocol. This parameter is ignored for - // plain HTTP protocol connection. If not set the system root certificates - // are used to validate the TLS connection. + // PEM-encoded CA bundle (base64-encoded) used to validate Vault server + // certificate. Only used if the Server URL is using HTTPS protocol. This + // parameter is ignored for plain HTTP protocol connection. If not set the + // system root certificates are used to validate the TLS connection. // +optional CABundle []byte `json:"caBundle,omitempty"` } diff --git a/pkg/apis/certmanager/v1alpha2/types_issuer.go b/pkg/apis/certmanager/v1alpha2/types_issuer.go index 261579ea4..d307f993b 100644 --- a/pkg/apis/certmanager/v1alpha2/types_issuer.go +++ b/pkg/apis/certmanager/v1alpha2/types_issuer.go @@ -199,10 +199,10 @@ type VaultIssuer struct { // +optional Namespace string `json:"namespace,omitempty"` - // PEM encoded CA bundle used to validate Vault server certificate. Only used - // if the Server URL is using HTTPS protocol. This parameter is ignored for - // plain HTTP protocol connection. If not set the system root certificates - // are used to validate the TLS connection. + // PEM-encoded CA bundle (base64-encoded) used to validate Vault server + // certificate. Only used if the Server URL is using HTTPS protocol. This + // parameter is ignored for plain HTTP protocol connection. If not set the + // system root certificates are used to validate the TLS connection. // +optional CABundle []byte `json:"caBundle,omitempty"` } diff --git a/pkg/apis/certmanager/v1alpha3/types_issuer.go b/pkg/apis/certmanager/v1alpha3/types_issuer.go index 3532e95e4..f0a9c1dc8 100644 --- a/pkg/apis/certmanager/v1alpha3/types_issuer.go +++ b/pkg/apis/certmanager/v1alpha3/types_issuer.go @@ -199,10 +199,10 @@ type VaultIssuer struct { // +optional Namespace string `json:"namespace,omitempty"` - // PEM encoded CA bundle used to validate Vault server certificate. Only used - // if the Server URL is using HTTPS protocol. This parameter is ignored for - // plain HTTP protocol connection. If not set the system root certificates - // are used to validate the TLS connection. + // PEM-encoded CA bundle (base64-encoded) used to validate Vault server + // certificate. Only used if the Server URL is using HTTPS protocol. This + // parameter is ignored for plain HTTP protocol connection. If not set the + // system root certificates are used to validate the TLS connection. // +optional CABundle []byte `json:"caBundle,omitempty"` } diff --git a/pkg/apis/certmanager/v1beta1/types_issuer.go b/pkg/apis/certmanager/v1beta1/types_issuer.go index db5e436ac..da1f8a824 100644 --- a/pkg/apis/certmanager/v1beta1/types_issuer.go +++ b/pkg/apis/certmanager/v1beta1/types_issuer.go @@ -201,10 +201,10 @@ type VaultIssuer struct { // +optional Namespace string `json:"namespace,omitempty"` - // PEM encoded CA bundle used to validate Vault server certificate. Only used - // if the Server URL is using HTTPS protocol. This parameter is ignored for - // plain HTTP protocol connection. If not set the system root certificates - // are used to validate the TLS connection. + // PEM-encoded CA bundle (base64-encoded) used to validate Vault server + // certificate. Only used if the Server URL is using HTTPS protocol. This + // parameter is ignored for plain HTTP protocol connection. If not set the + // system root certificates are used to validate the TLS connection. // +optional CABundle []byte `json:"caBundle,omitempty"` } diff --git a/pkg/internal/apis/certmanager/types_issuer.go b/pkg/internal/apis/certmanager/types_issuer.go index 77d81ffbf..36d5867aa 100644 --- a/pkg/internal/apis/certmanager/types_issuer.go +++ b/pkg/internal/apis/certmanager/types_issuer.go @@ -181,10 +181,10 @@ type VaultIssuer struct { // More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces Namespace string - // PEM encoded CA bundle used to validate Vault server certificate. Only used - // if the Server URL is using HTTPS protocol. This parameter is ignored for - // plain HTTP protocol connection. If not set the system root certificates - // are used to validate the TLS connection. + // PEM-encoded CA bundle (base64-encoded) used to validate Vault server + // certificate. Only used if the Server URL is using HTTPS protocol. This + // parameter is ignored for plain HTTP protocol connection. If not set the + // system root certificates are used to validate the TLS connection. CABundle []byte }