From 855842c468b6607d1056320232a3f92202e3093b Mon Sep 17 00:00:00 2001 From: Cao Shufeng Date: Thu, 12 Jul 2018 18:50:15 +0800 Subject: [PATCH] optimize certificate cleaner No need to parse certificates for every conditions --- pkg/controller/certificates/cleaner/cleaner.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkg/controller/certificates/cleaner/cleaner.go b/pkg/controller/certificates/cleaner/cleaner.go index 51de92fd605..bfe43fa028b 100644 --- a/pkg/controller/certificates/cleaner/cleaner.go +++ b/pkg/controller/certificates/cleaner/cleaner.go @@ -118,11 +118,11 @@ func (ccc *CSRCleanerController) handle(csr *capi.CertificateSigningRequest) err // isIssuedExpired checks if the CSR has been issued a certificate and if the // expiration of the certificate (the NotAfter value) has passed. func isIssuedExpired(csr *capi.CertificateSigningRequest) (bool, error) { + isExpired, err := isExpired(csr) + if err != nil { + return false, err + } for _, c := range csr.Status.Conditions { - isExpired, err := isExpired(csr) - if err != nil { - return false, err - } if c.Type == capi.CertificateApproved && isIssued(csr) && isExpired { glog.Infof("Cleaning CSR %q as the associated certificate is expired.", csr.Name) return true, nil