-
Notifications
You must be signed in to change notification settings - Fork 1.3k
/
certificates.go
80 lines (60 loc) · 1.92 KB
/
certificates.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
package apply
import (
"time"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
k8sv1 "kubevirt.io/api/core/v1"
)
func GetCADuration(config *k8sv1.KubeVirtSelfSignConfiguration) *metav1.Duration {
defaultDuration := &metav1.Duration{Duration: Duration7d}
if config == nil {
return defaultDuration
}
// deprecated, but takes priority to provide a smooth upgrade path
if config.CARotateInterval != nil {
return config.CARotateInterval
}
if config.CA != nil && config.CA.Duration != nil {
return config.CA.Duration
}
return defaultDuration
}
func GetCARenewBefore(config *k8sv1.KubeVirtSelfSignConfiguration) *metav1.Duration {
caDuration := GetCADuration(config)
defaultDuration := &metav1.Duration{Duration: time.Duration(float64(caDuration.Duration) * 0.2)}
if config == nil {
return defaultDuration
}
// deprecated, but takes priority to provide a smooth upgrade path
if config.CAOverlapInterval != nil {
return config.CAOverlapInterval
}
if config.CA != nil && config.CA.RenewBefore != nil {
return config.CA.RenewBefore
}
return defaultDuration
}
func GetCertDuration(config *k8sv1.KubeVirtSelfSignConfiguration) *metav1.Duration {
defaultDuration := &metav1.Duration{Duration: Duration1d}
if config == nil {
return defaultDuration
}
// deprecated, but takes priority to provide a smooth upgrade path
if config.CertRotateInterval != nil {
return config.CertRotateInterval
}
if config.Server != nil && config.Server.Duration != nil {
return config.Server.Duration
}
return defaultDuration
}
func GetCertRenewBefore(config *k8sv1.KubeVirtSelfSignConfiguration) *metav1.Duration {
certDuration := GetCertDuration(config)
defaultDuration := &metav1.Duration{Duration: time.Duration(float64(certDuration.Duration) * 0.2)}
if config == nil {
return defaultDuration
}
if config.Server != nil && config.Server.RenewBefore != nil {
return config.Server.RenewBefore
}
return defaultDuration
}