karmada-io
/
karmada
mirror of https://github.com/karmada-io/karmada.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Address comments 

Signed-off-by: Joe Nathan Abellard <contact@jabellard.com>
This commit is contained in:
Joe Nathan Abellard 2025-03-06 15:28:05 -05:00
parent 83fbe65bb3
commit 5652025362
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
docs/proposals/karmada-operator/custom-leaf-cert-validity/README.md
View File

@ -33,7 +33,7 @@ In scenarios where security policies require frequent rotation of certificates,
## Proposal ## Proposal
The proposal introduces a new optional field, `LeafCertValidity`, in the `CustomCertificate` struct, where users can specify the validity period of leaf certificates in days. The proposal introduces a new optional field, `LeafCertValidityDays`, in the `CustomCertificate` struct, where users can specify the validity period of leaf certificates in days.
### API Changes ### API Changes
@ -41,10 +41,10 @@ The proposal introduces a new optional field, `LeafCertValidity`, in the `Custom
type CustomCertificate struct { type CustomCertificate struct {
// Other, existing fields omitted for brevity // Other, existing fields omitted for brevity
// LeafCertValidity specifies the validity period of leaf certificates (e.g., API Server certificate) in days. // LeafCertValidityDays specifies the validity period of leaf certificates (e.g., API Server certificate) in days.
// If not specified, the default validity period of 1 year will be used. // If not specified, the default validity period of 1 year will be used.
// +optional // +optional
LeafCertValidity *int `json:"leafCertValidity,omitempty"` LeafCertValidityDays *int `json:"leafCertValidityDays,omitempty"`
} }
``` ```
@ -66,9 +66,9 @@ As a cloud infrastructure architect, I want to configure the validity period of
## Design Details ## Design Details
The `LeafCertValidity` field in `CustomCertificate` will allow users to specify the validity period of leaf certificates in days. During the reconciliation process, the Karmada operator will: The `LeafCertValidityDays` field in `CustomCertificate` will allow users to specify the validity period of leaf certificates in days. During the reconciliation process, the Karmada operator will:
- Check if `CustomCertificate.LeafCertValidity` is set. - Check if `CustomCertificate.LeafCertValidityDays` is set.
- If specified: - If specified:
- Use the provided validity period to derive the `NotAfter` field of the leaf certificate. - Use the provided validity period to derive the `NotAfter` field of the leaf certificate.
- If not specified: - If not specified: