Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add base of issuer-specific validation to certificates at runtime #761

Merged
merged 7 commits into from
Jul 26, 2018
Merged

Add base of issuer-specific validation to certificates at runtime #761

merged 7 commits into from
Jul 26, 2018

Conversation

kragniz
Copy link
Contributor

@kragniz kragniz commented Jul 25, 2018

Fixes #735

Add base issuer-specific validation to certificates at runtime

@jetstack-bot jetstack-bot added the release-note Denotes a PR that will be considered when it comes time to generate release notes. label Jul 25, 2018
@jetstack-bot jetstack-bot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Jul 25, 2018
munnerz
munnerz reviewed Jul 25, 2018
View reviewed changes
pkg/apis/certmanager/validation/certificate_for_issuer_test.go Outdated
IssuerRef: validIssuerRef,
KeyAlgorithm: v1alpha1.RSAKeyAlgorithm,
},
},
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we add a case for a valid type, but invalid for this issuer? e.g. setting key algorithm to ecdsa

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

munnerz
munnerz reviewed Jul 25, 2018
View reviewed changes
pkg/apis/certmanager/validation/certificate_for_issuer_test.go Outdated
SecretName: "abc",
IssuerRef: validIssuerRef,
},
issuer: &v1alpha1.IssuerSpec{},
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why does this test case pass? If the issuer type is not defined in the IssuerSpec, surely NameForIssuer should error with fmt.Errorf("no issuer specified for Issuer '%s/%s'", i.GetObjectMeta().Namespace, i.GetObjectMeta().Name)?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, that is as part of ValidateCertificateForIssuer and not this function. Perhaps we can add a couple of test cases there too for the case where an unspecified issuer type is used?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've updated the test to cover ValidateCertificateForIssuer instead of individual validation tests

@munnerz munnerz mentioned this pull request Jul 25, 2018
Closed
@munnerz
Copy link
Member

munnerz commented Jul 26, 2018

/lgtm
/approve

@jetstack-bot jetstack-bot added the lgtm Indicates that a PR is ready to be merged. label Jul 26, 2018
@jetstack-bot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: munnerz

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@jetstack-bot jetstack-bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jul 26, 2018
@jetstack-bot jetstack-bot merged commit 317e6e8 into cert-manager:master Jul 26, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@munnerz munnerz munnerz left review comments

Assignees

@munnerz munnerz

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. release-note Denotes a PR that will be considered when it comes time to generate release notes. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@kragniz @munnerz @jetstack-bot