Implement parsing of certificate validity duration and renewal grace period from service labels

Currently, both the certificate validity duration and the renewal grace period are hard-coded in the controller. We should implement optional service labels which users can set to customize the validity duration and renewal grace period for their service certificates.

Current implementation: https://github.com/projectsyn/k8s-service-ca-controller/blob/f2e105fa29a1391ec563ee839e57e03c026b2839/certs/create.go#L113-L129 

	func certDurationFromSvc(svc corev1.Service) (metav1.Duration, error) {
	// TODO: annotation/label on svc
	d, err := time.ParseDuration("2160h")
	if err != nil {
	return nil, err
	}
	return &metav1.Duration{Duration: d}, nil
	}

	func certRenewBeforeFromSvc(svc corev1.Service) (metav1.Duration, error) {
	// TODO: annotation/label on svc
	d, err := time.ParseDuration("360h")
	if err != nil {
	return nil, err
	}
	return &metav1.Duration{Duration: d}, nil
	}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Implement parsing of certificate validity duration and renewal grace period from service labels #9

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Implement parsing of certificate validity duration and renewal grace period from service labels #9

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions