weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

make sure the expire time is set when the certificate is in an infinite renewal loop

Browse Source 
Signed-off-by: Gus Parvin <gparvin@us.ibm.com>
This commit is contained in:
Gus Parvin 2018-11-15 14:07:34 +00:00
parent aceb997032
commit ff3f198eca
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
pkg/controller/certificates/sync.go
View File

@ -179,6 +179,9 @@ func (c *Controller) Sync(ctx context.Context, crt *v1alpha1.Certificate) (reque
return c.issue(ctx, i, crtCopy)
}
metaNotAfter := metav1.NewTime(cert.NotAfter)
crtCopy.Status.NotAfter = &metaNotAfter
// check if the certificate needs renewal
needsRenew := c.Context.IssuerOptions.CertificateNeedsRenew(cert)
if needsRenew {
@ -191,9 +194,6 @@ func (c *Controller) Sync(ctx context.Context, crt *v1alpha1.Certificate) (reque
// end checking if the TLS certificate is valid/needs a re-issue or renew
metaNotAfter := metav1.NewTime(cert.NotAfter)
crtCopy.Status.NotAfter = &metaNotAfter
return false, nil
}