feat(certs): use State for MeshRootCertificate status (#4812) · openservicemesh/osm@46b7165 (original) (raw)
This repository was archived by the owner on Jul 11, 2023. It is now read-only.
File tree
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -39,10 +39,6 @@ spec: | ||
| 39 | 39 | jsonPath: .status.currentState |
| 40 | 40 | name: State |
| 41 | 41 | type: string |
| 42 | - - description: Current rotationStage of the MeshRootCertificate config | |
| 43 | -jsonPath: .status.currentRotationStage | |
| 44 | -name: RotationStage | |
| 45 | -type: string | |
| 46 | 42 | schema: |
| 47 | 43 | openAPIV3Schema: |
| 48 | 44 | type: object |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -430,8 +430,7 @@ func buildMeshRootCertificate(presetMeshRootCertificateConfigMap *corev1.ConfigM | ||
| 430 | 430 | }, |
| 431 | 431 | Spec: presetMeshRootCertificateSpec, |
| 432 | 432 | Status: configv1alpha2.MeshRootCertificateStatus{ |
| 433 | -State: constants.MRCStateComplete, | |
| 434 | -RotationStage: constants.MRCStageIssuing, | |
| 433 | +State: constants.MRCStateActive, | |
| 435 | 434 | }, |
| 436 | 435 | } |
| 437 | 436 |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -97,8 +97,7 @@ var testMeshRootCertificate *configv1alpha2.MeshRootCertificate = &configv1alpha | ||
| 97 | 97 | }, |
| 98 | 98 | Spec: configv1alpha2.MeshRootCertificateSpec{}, |
| 99 | 99 | Status: configv1alpha2.MeshRootCertificateStatus{ |
| 100 | -State: constants.MRCStateComplete, | |
| 101 | -RotationStage: constants.MRCStageIssuing, | |
| 100 | +State: constants.MRCStateActive, | |
| 102 | 101 | }, |
| 103 | 102 | } |
| 104 | 103 |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -113,14 +113,9 @@ type TresorCASpec struct { | ||
| 113 | 113 | |
| 114 | 114 | // MeshRootCertificateStatus defines the status of the MeshRootCertificate resource |
| 115 | 115 | type MeshRootCertificateStatus struct { |
| 116 | -// State specifies the state of the root certificate rotation | |
| 116 | +// State specifies the state of the certificate provider | |
| 117 | +// All states are specified in constants.go | |
| 117 | 118 | State string `json:"state"` |
| 118 | - | |
| 119 | -// RotationStage specifies the stage of the rotation indicating how a | |
| 120 | -// root certificate is currently being used within the mesh. The exact | |
| 121 | -// meaning of the RotationStage status is determined by the accompanying | |
| 122 | -// State status | |
| 123 | -RotationStage string `json:"rotationStage"` | |
| 124 | 119 | } |
| 125 | 120 | |
| 126 | 121 | // MeshRootCertificateList defines the list of MeshRootCertificate objects |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -70,8 +70,7 @@ func NewCertificateManager(kubeClient kubernetes.Interface, kubeConfig *rest.Con | ||
| 70 | 70 | }, |
| 71 | 71 | // TODO(#4502): Detect if an actual MRC exists, and set the status accordingly. |
| 72 | 72 | Status: v1alpha2.MeshRootCertificateStatus{ |
| 73 | -State: constants.MRCStateComplete, | |
| 74 | -RotationStage: constants.MRCStageIssuing, | |
| 73 | +State: constants.MRCStateActive, | |
| 75 | 74 | }, |
| 76 | 75 | }, |
| 77 | 76 | } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -166,14 +166,26 @@ const ( | ||
| 166 | 166 | // MRCVersionAnnotation is the annotation used for the version of the MeshRootCertificate |
| 167 | 167 | MRCVersionAnnotation = "openservicemesh.io/mrc-version" |
| 168 | 168 | |
| 169 | -// MRCStageValidating is the validating status option for the rotation stage of the MeshRootCertificate | |
| 170 | -MRCStageValidating = "validating" | |
| 169 | +// MRCStateValidatingRollout is the validating rollout status option for the State of the MeshRootCertificate | |
| 170 | +MRCStateValidatingRollout = "validatingRollout" | |
| 171 | 171 | |
| 172 | -// MRCStageIssuing is the issuing status option for the rotation stage of the MeshRootCertificate | |
| 173 | -MRCStageIssuing = "issuing" | |
| 172 | +// MRCStateIssuingRollout is the issuing rollout status option for the State of the MeshRootCertificate | |
| 173 | +MRCStateIssuingRollout = "issuingRollout" | |
| 174 | 174 | |
| 175 | -// MRCStateComplete is the complete status option for the state of the MeshRootCertificate | |
| 176 | -MRCStateComplete = "complete" | |
| 175 | +// MRCStateActive is the active status option for the State of the MeshRootCertificate | |
| 176 | +MRCStateActive = "active" | |
| 177 | + | |
| 178 | +// MRCStateIssuingRollback is the issuing rollback status option for the State of the MeshRootCertificate | |
| 179 | +MRCStateIssuingRollback = "issuingRollback" | |
| 180 | + | |
| 181 | +// MRCStateValidatingRollback is the validating rollback status option for the State of the MeshRootCertificate | |
| 182 | +MRCStateValidatingRollback = "validatingRollback" | |
| 183 | + | |
| 184 | +// MRCStateInactive is the inactive status option for the State of the MeshRootCertificate | |
| 185 | +MRCStateInactive = "inactive" | |
| 186 | + | |
| 187 | +// MRCStateError is the error status option for the State of the MeshRootCertificate | |
| 188 | +MRCStateError = "error" | |
| 177 | 189 | ) |
| 178 | 190 | |
| 179 | 191 | // Labels used by the control plane |