Switched properties prefix to kita

itzg · Jun 16, 2022 · 4f20cbd · 4f20cbd
1 parent b1a40e9
commit 4f20cbd
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 15 deletions.
diff --git a/src/main/java/app/config/AppProperties.java b/src/main/java/app/config/AppProperties.java
@@ -11,7 +11,7 @@
 import org.springframework.stereotype.Component;
 import org.springframework.validation.annotation.Validated;
 
-@ConfigurationProperties("app")
+@ConfigurationProperties("kita")
 @Validated
 public record AppProperties(
     @NotEmpty

diff --git a/src/main/java/app/services/ApplicationIngressesService.java b/src/main/java/app/services/ApplicationIngressesService.java
@@ -74,7 +74,7 @@ public void onClose(WatcherException cause) {
             });
     }
 
-    @Scheduled(fixedDelayString = "#{@'app-app.config.AppProperties'.certRenewalCheckInterval}")
+    @Scheduled(fixedDelayString = "#{@'kita-app.config.AppProperties'.certRenewalCheckInterval}")
     public void checkCertRenewals() {
         final IngressList ingresses = k8s.network().v1().ingresses()
             .withLabel(Metadata.ISSUER_LABEL)

diff --git a/src/main/java/app/services/CertificateProcessingService.java b/src/main/java/app/services/CertificateProcessingService.java
@@ -42,7 +42,6 @@
 import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder;
 import org.bouncycastle.util.io.pem.PemObject;
 import org.bouncycastle.util.io.pem.PemWriter;
-import org.springframework.http.MediaType;
 import org.springframework.stereotype.Service;
 import reactor.core.publisher.Flux;
 import reactor.core.publisher.Mono;
@@ -52,8 +51,6 @@
 @Slf4j
 public class CertificateProcessingService {
 
-    public static final MediaType PEM_CERT_CHAIN = MediaType.parseMediaType("application/pem-certificate-chain");
-
     private final KubernetesClient k8s;
     private final AppProperties appProperties;
     private final AcmeDirectoryService directoryService;
@@ -105,7 +102,7 @@ public Mono<Secret> initiateCertCreation(Ingress ingress, IngressTLS tls, String
                  */
                 return Flux.fromIterable(orderResponse.authorizations())
                     .flatMap(authzUri -> loadAuthorization(issuerId, authzUri)
-                        .flatMap(authz -> processAuthorization(issuerId, authzUri, authz, ingress, tls))
+                        .flatMap(authz -> processAuthorization(issuerId, authzUri, authz, ingress))
                     )
                     .then(
                         submitCsr(issuerId, identifiers, orderResponse.finalizeUri())
@@ -114,20 +111,23 @@ public Mono<Secret> initiateCertCreation(Ingress ingress, IngressTLS tls, String
                                     .map(certChain -> buildCertAndKey(certChain, csrResult.privateKey()))
                             )
                             .map(certAndKey -> storeSecret(issuerId, hosts, certAndKey.certChain(), certAndKey.privateKey(),
-                                secretName
+                                secretName, ingressName
                             ))
                     );
             });
 
     }
 
-    private Secret storeSecret(String issuerId, List<String> hosts, String certChain, String privateKey, String secretName) {
+    private Secret storeSecret(String issuerId, List<String> hosts, String certChain, String privateKey, String secretName,
+        String ingressName
+    ) {
         final Encoder b64Encoder = Base64.getEncoder();
         final Secret secret = new SecretBuilder()
             .withMetadata(new ObjectMetaBuilder()
                 .withName(secretName)
                 .withLabels(Map.of(
-                    Metadata.ISSUER_LABEL, issuerId
+                    Metadata.ISSUER_LABEL, issuerId,
+                    Metadata.FOR_INGRESS_LABEL, ingressName
                 ))
                 .withAnnotations(Map.of(
                     Metadata.HOST_ANNOTATION, String.join(",", hosts)
@@ -244,8 +244,7 @@ private Extensions createExtensions(List<Identifier> identifiers) {
         } catch (IOException e) {
             throw new RuntimeException("Failed to create SAN extension", e);
         }
-        final Extensions sanExtension = extensionsGenerator.generate();
-        return sanExtension;
+        return extensionsGenerator.generate();
     }
 
     private KeyPair generateCertKeyPair() {
@@ -263,8 +262,8 @@ private Mono<AuthzResponse> loadAuthorization(String issuerId, URI authzUri) {
         return requestService.request(issuerId, authzUri, "", AuthzResponse.class);
     }
 
-    private Mono<AuthzResponse> processAuthorization(String issuerId, URI authzUri, AuthzResponse auth, Ingress appIngress,
-        IngressTLS tls
+    private Mono<AuthzResponse> processAuthorization(String issuerId, URI authzUri, AuthzResponse auth,
+        Ingress appIngress
     ) {
         final Challenge httpChallenge = auth.challenges().stream()
             .filter(challenge -> challenge.type().equals(Challenge.TYPE_HTTP_01))

diff --git a/src/main/java/app/services/Metadata.java b/src/main/java/app/services/Metadata.java
@@ -9,8 +9,7 @@ public class Metadata {
     public static final String HOST_ANNOTATION = NAMESPACE + "/host";
 
     public static final String ISSUER_LABEL = NAMESPACE + "/issuer";
-
-    public static final String IDENTIFIERS_ANNOTATION = NAMESPACE + "/hosts";
+    public static final String FOR_INGRESS_LABEL = NAMESPACE + "/for-ingress";
 
     public static final String SOLVER_SERVICE_PORT_NAME = "http";