remove changes in issuers that seems to not be needed
Signed-off-by: Gus Parvin <gparvin@us.ibm.com>
This commit is contained in:
Gus Parvin
parent
7e33256b68
commit
ff1a8534fa
@ -148,7 +148,7 @@ Appears In:
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>notAfter</code><br /> <em><a href="#time-v1">Time</a></em></td>
|
||||
<td></td>
|
||||
<td>The expiration time of the certificate stored in the secret named by this resource in spec.secretName.</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
|
||||
@ -103,7 +103,10 @@ type ACMECertificateConfig struct {
|
||||
type CertificateStatus struct {
|
||||
Conditions []CertificateCondition `json:"conditions,omitempty"`
|
||||
LastFailureTime *metav1.Time `json:"lastFailureTime,omitempty"`
|
||||
NotAfter *metav1.Time `json:"notAfter,omitempty"`
|
||||
|
||||
// The expiration time of the certificate stored in the secret named
|
||||
// by this resource in spec.secretName.
|
||||
NotAfter *metav1.Time `json:"notAfter,omitempty"`
|
||||
}
|
||||
|
||||
// CertificateCondition contains condition information for an Certificate.
|
||||
|
||||
@ -182,9 +182,6 @@ func (a *Acme) Issue(ctx context.Context, crt *v1alpha1.Certificate) (issuer.Iss
|
||||
return a.retryOrder(crt, existingOrder)
|
||||
}
|
||||
|
||||
metaExpireTime := metav1.NewTime(x509Cert.NotAfter)
|
||||
crt.Status.NotAfter = &metaExpireTime
|
||||
|
||||
if a.Context.IssuerOptions.CertificateNeedsRenew(x509Cert) {
|
||||
// existing order's certificate is near expiry
|
||||
return a.retryOrder(crt, existingOrder)
|
||||
|
||||
@ -20,7 +20,6 @@ go_library(
|
||||
"//vendor/github.com/hashicorp/vault/api:go_default_library",
|
||||
"//vendor/github.com/hashicorp/vault/helper/certutil:go_default_library",
|
||||
"//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
|
||||
"//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
|
||||
"//vendor/k8s.io/client-go/listers/core/v1:go_default_library",
|
||||
],
|
||||
)
|
||||
|
||||
@ -36,7 +36,6 @@ import (
|
||||
"github.com/jetstack/cert-manager/pkg/util/kube"
|
||||
"github.com/jetstack/cert-manager/pkg/util/pki"
|
||||
k8sErrors "k8s.io/apimachinery/pkg/api/errors"
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
)
|
||||
|
||||
const (
|
||||
@ -104,9 +103,6 @@ func (v *Vault) obtainCertificate(ctx context.Context, crt *v1alpha1.Certificate
|
||||
return nil, nil, nil, err
|
||||
}
|
||||
|
||||
metaExpireTime := metav1.NewTime(time.Now().Add(defaultCertificateDuration))
|
||||
crt.Status.NotAfter = &metaExpireTime
|
||||
|
||||
keyBytes, err := pki.EncodePrivateKey(signeeKey)
|
||||
if err != nil {
|
||||
return nil, nil, nil, err
|
||||
|
||||
@ -12,7 +12,6 @@ go_library(
|
||||
deps = [
|
||||
"//pkg/apis/certmanager/v1alpha1:go_default_library",
|
||||
"//pkg/util/errors:go_default_library",
|
||||
"//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
|
||||
],
|
||||
)
|
||||
|
||||
|
||||
@ -28,7 +28,6 @@ import (
|
||||
"time"
|
||||
|
||||
"github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha1"
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
)
|
||||
|
||||
// CommonNameForCertificate returns the common name that should be used for the
|
||||
@ -150,10 +149,6 @@ func GenerateTemplate(issuer v1alpha1.GenericIssuer, crt *v1alpha1.Certificate)
|
||||
keyUsages |= x509.KeyUsageCertSign
|
||||
}
|
||||
|
||||
expireTime := time.Now().Add(defaultNotAfter)
|
||||
metaExpireTime := metav1.NewTime(expireTime)
|
||||
crt.Status.NotAfter = &metaExpireTime
|
||||
|
||||
return &x509.Certificate{
|
||||
Version: 3,
|
||||
BasicConstraintsValid: true,
|
||||
@ -165,7 +160,7 @@ func GenerateTemplate(issuer v1alpha1.GenericIssuer, crt *v1alpha1.Certificate)
|
||||
CommonName: commonName,
|
||||
},
|
||||
NotBefore: time.Now(),
|
||||
NotAfter: expireTime,
|
||||
NotAfter: time.Now().Add(defaultNotAfter),
|
||||
// see http://golang.org/pkg/crypto/x509/#KeyUsage
|
||||
KeyUsage: keyUsages,
|
||||
DNSNames: dnsNames,
|
||||
|
||||
Loading…
Reference in New Issue
Block a user