From e2fe22459e5ef09212a16c3f4daee34e080e54d6 Mon Sep 17 00:00:00 2001 From: Maru Newby Date: Fri, 18 Oct 2019 01:43:41 -0700 Subject: [PATCH 1/2] Add IntermediateCertFile to ServiceServingCertSignerConfig --- servicecertsigner/v1alpha1/types.go | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/servicecertsigner/v1alpha1/types.go b/servicecertsigner/v1alpha1/types.go index 5ae45591088..0393c412211 100644 --- a/servicecertsigner/v1alpha1/types.go +++ b/servicecertsigner/v1alpha1/types.go @@ -22,6 +22,16 @@ type ServiceServingCertSignerConfig struct { // signer holds the signing information used to automatically sign serving certificates. Signer configv1.CertInfo `json:"signer"` + + // IntermediateCertFile is the name of a file containing a + // PEM-encoded certificate. Only required if the initial CA has + // been rotated. The certificate should consist of the public key + // of the current CA signed by the private key of the previous + // CA. When included with a serving cert generated by the current + // CA, this certificate should allow clients with a stale CA bundle + // to trust the serving cert. + // +optional + IntermediateCertFile string `json:"intermediateCertFile"` } // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object From 4f4965b942c4503d7c667cf92b05d9863155c9f6 Mon Sep 17 00:00:00 2001 From: Maru Newby Date: Fri, 18 Oct 2019 01:57:42 -0700 Subject: [PATCH 2/2] Update generated --- .../v1alpha1/zz_generated.swagger_doc_generated.go | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/servicecertsigner/v1alpha1/zz_generated.swagger_doc_generated.go b/servicecertsigner/v1alpha1/zz_generated.swagger_doc_generated.go index 3401480cd85..6987ade923d 100644 --- a/servicecertsigner/v1alpha1/zz_generated.swagger_doc_generated.go +++ b/servicecertsigner/v1alpha1/zz_generated.swagger_doc_generated.go @@ -58,8 +58,9 @@ func (ServiceCertSignerOperatorConfigSpec) SwaggerDoc() map[string]string { } var map_ServiceServingCertSignerConfig = map[string]string{ - "": "ServiceServingCertSignerConfig provides information to configure a serving serving cert signing controller", - "signer": "signer holds the signing information used to automatically sign serving certificates.", + "": "ServiceServingCertSignerConfig provides information to configure a serving serving cert signing controller", + "signer": "signer holds the signing information used to automatically sign serving certificates.", + "intermediateCertFile": "IntermediateCertFile is the name of a file containing a PEM-encoded certificate. Only required if the initial CA has been rotated. The certificate should consist of the public key of the current CA signed by the private key of the previous CA. When included with a serving cert generated by the current CA, this certificate should allow clients with a stale CA bundle to trust the serving cert.", } func (ServiceServingCertSignerConfig) SwaggerDoc() map[string]string {