diff --git a/pkg/apis/certificates/types.go b/pkg/apis/certificates/types.go index 89c935fd4a5..b616c000113 100644 --- a/pkg/apis/certificates/types.go +++ b/pkg/apis/certificates/types.go @@ -16,7 +16,10 @@ limitations under the License. package certificates -import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + api "k8s.io/kubernetes/pkg/apis/core" +) // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object @@ -113,11 +116,17 @@ type RequestConditionType string const ( CertificateApproved RequestConditionType = "Approved" CertificateDenied RequestConditionType = "Denied" + CertificateFailed RequestConditionType = "Failed" ) type CertificateSigningRequestCondition struct { - // request approval state, currently Approved or Denied. + // type of the condition. Known conditions include "Approved", "Denied", and "Failed". Type RequestConditionType + // Status of the condition, one of True, False, Unknown. + // Approved, Denied, and Failed conditions may not be "False" or "Unknown". + // If unset, should be treated as "True". + // +optional + Status api.ConditionStatus // brief reason for the request state // +optional Reason string @@ -127,6 +136,9 @@ type CertificateSigningRequestCondition struct { // timestamp for the last update to this condition // +optional LastUpdateTime metav1.Time + // lastTransitionTime is the time the condition last transitioned from one status to another. + // +optional + LastTransitionTime metav1.Time } // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object diff --git a/pkg/apis/certificates/v1beta1/defaults.go b/pkg/apis/certificates/v1beta1/defaults.go index ec11d3ab111..ca0913735f6 100644 --- a/pkg/apis/certificates/v1beta1/defaults.go +++ b/pkg/apis/certificates/v1beta1/defaults.go @@ -22,6 +22,7 @@ import ( "strings" certificatesv1beta1 "k8s.io/api/certificates/v1beta1" + v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/util/sets" ) @@ -41,6 +42,12 @@ func SetDefaults_CertificateSigningRequestSpec(obj *certificatesv1beta1.Certific } } +func SetDefaults_CertificateSigningRequestCondition(obj *certificatesv1beta1.CertificateSigningRequestCondition) { + if len(obj.Status) == 0 { + obj.Status = v1.ConditionTrue + } +} + // DefaultSignerNameFromSpec will determine the signerName that should be set // by attempting to inspect the 'request' content and the spec options. func DefaultSignerNameFromSpec(obj *certificatesv1beta1.CertificateSigningRequestSpec) string { diff --git a/staging/src/k8s.io/api/certificates/v1beta1/types.go b/staging/src/k8s.io/api/certificates/v1beta1/types.go index f5d6b8acd24..340cf994b99 100644 --- a/staging/src/k8s.io/api/certificates/v1beta1/types.go +++ b/staging/src/k8s.io/api/certificates/v1beta1/types.go @@ -19,6 +19,7 @@ package v1beta1 import ( "fmt" + v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) @@ -134,11 +135,18 @@ type RequestConditionType string const ( CertificateApproved RequestConditionType = "Approved" CertificateDenied RequestConditionType = "Denied" + CertificateFailed RequestConditionType = "Failed" ) type CertificateSigningRequestCondition struct { - // request approval state, currently Approved or Denied. + // type of the condition. Known conditions include "Approved", "Denied", and "Failed". Type RequestConditionType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=RequestConditionType"` + // Status of the condition, one of True, False, Unknown. + // Approved, Denied, and Failed conditions may not be "False" or "Unknown". + // Defaults to "True". + // If unset, should be treated as "True". + // +optional + Status v1.ConditionStatus `json:"status" protobuf:"bytes,6,opt,name=status,casttype=k8s.io/api/core/v1.ConditionStatus"` // brief reason for the request state // +optional Reason string `json:"reason,omitempty" protobuf:"bytes,2,opt,name=reason"` @@ -148,6 +156,11 @@ type CertificateSigningRequestCondition struct { // timestamp for the last update to this condition // +optional LastUpdateTime metav1.Time `json:"lastUpdateTime,omitempty" protobuf:"bytes,4,opt,name=lastUpdateTime"` + // lastTransitionTime is the time the condition last transitioned from one status to another. + // If unset, when a new condition type is added or an existing condition's status is changed, + // the server defaults this to the current time. + // +optional + LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty" protobuf:"bytes,5,opt,name=lastTransitionTime"` } // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object