New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update API type documentation for 'certmanager', 'meta' and 'acme' API groups #3031
Update API type documentation for 'certmanager', 'meta' and 'acme' API groups #3031
Conversation
1f00938
to
1ac7bb5
Compare
@munnerz looking great! just these few nits |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've gone through the certificate and certificaterequest docs....but just realised that they are the v1alpha2 docs. All those changes also apply to the v1alpha3 docs too...but my question is why bother updating the v1alpha2 docs at all?
This PR updates both v1alpha2 and v1alpha3 😄 We document both because both are valid API versions that you can use to talk to the apiserver with. To not document one would mean that some set of users (those consuming older api versions) have no documentation. For the most part, these comments are identical. But there are a few specific areas where they are not (where we have changed behaviours 😄 ) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've gone through the v1alpha3 issuer types and noted a few typos and inconsistencies.
Generally:
- Should each docstring start with the name of the documented field?
Personally I think it is laborious and looks clumsy when reading the source code, but I know that some of the golang linters enforce this rule...is it because it is used by the godoc tool to match comments to fields? If so, perhaps we should just automatically enforce this through a linting tool. - Use of full stops. Most doc strings have them, some don't. Can we use a linting tool to enforce this too?
- Use
Certificate
vscertificate
when talking aboutCertificate
custom resources vs x509certificate
.
PrivateKey cmmeta.SecretKeySelector `json:"privateKeySecretRef"` | ||
|
||
// Solvers is a list of challenge solvers that will be used to solve | ||
// ACME challenges for the matching domains. | ||
// Solver configurations must be provided in order to obtain certificates | ||
// from an ACME server. | ||
// For more information, see: https://cert-manager.io/docs/configuration/acme/ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe this would be a better place to explain that solvers are used in order of DNS specificity.
Currently this is explained below on the ACMEChallengeSolver > Selector
field
type ACMEChallengeSolver struct { | ||
// Selector selects a set of DNSNames on the Certificate resource that | ||
// should be solved using this challenge solver. | ||
// If not specified, the solver will be treated as the 'default' solver | ||
// with the lowest priority, i.e. if any other solver has a more specific | ||
// match, it will be used instead. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This took me a while to understand this. I think it would be worth describe this solver priority on the ACMEIssuer > Solvers
field as well or instead.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A few more comments and suggestions.
I only reviewed the v1alpha3 docs, not the internal, or v1alpha2 docs....on the basis that the suggestions apply to those versions too (where applicable).
It's great that you've added all this extra detail. Thanks.
// ACMEIssuer contains the specification for an ACME issuer. | ||
// This uses the RFC8555 specification to obtain certificates by completing | ||
// 'challenges' to prove ownership of domain identifiers. | ||
// Earlier draft versions of the ACME specification are not supported. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we really need to document the internal types too? Do these ever get published? It seems like we need a tool to automate the syncing of these doc strings.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
They don't get published, but I opted to do this a) for consistency with other API doc packages, b) because it's not that difficult to copy and paste them over and c) for consistency with upstream APIs 😄
+1 to something to automate syncing, although there are slight tweaks made (e.g. removing the kubebuilder
annotations and the optional
markers etc)
3478c1f
to
5eadb4c
Compare
5eadb4c
to
82d4da1
Compare
82d4da1
to
1fbb08d
Compare
Signed-off-by: James Munnelly <james@munnelly.eu>
Signed-off-by: James Munnelly <james@munnelly.eu>
…ationKey Signed-off-by: James Munnelly <james@munnelly.eu>
Signed-off-by: James Munnelly <james@munnelly.eu>
Signed-off-by: James Munnelly <james@munnelly.eu>
Signed-off-by: James Munnelly <james@munnelly.eu>
Signed-off-by: James Munnelly <james@munnelly.eu>
Signed-off-by: James Munnelly <james@munnelly.eu>
Signed-off-by: James Munnelly <james@munnelly.eu>
Signed-off-by: James Munnelly <james@munnelly.eu>
Signed-off-by: James Munnelly <james@munnelly.eu>
0b66d64
to
ca29def
Compare
Signed-off-by: James Munnelly <james@munnelly.eu>
ca29def
to
636083f
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @munnerz
/lgtm
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: munnerz, wallrj The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/kind cleanup |
What this PR does / why we need it:
I've gone through these two API groups and added/updated documentation for all fields. I still need to go through the
acme
API group and apply similar changes.This also includes a const being renamed (i.e. not changing the value of it), which I have separated into its own commit to make it easier to review.
Release note:
/cc @meyskens @JoshVanL