Skip to content

Handle invalid ValidityDuration user input #253

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
ahrtr merged 3 commits into from
Jan 13, 2026
Merged

Handle invalid ValidityDuration user input #253

ahrtr merged 3 commits into from
Jan 13, 2026

Conversation

@ArkaSaha30
Copy link
Contributor

@ArkaSaha30 ArkaSaha30 commented Dec 14, 2025
edited
Loading

This PR will handle a scenario of invalid ValidityDuration user input for the following certificate providers and throw an error.
In case ValidityDuration is not defined by the user, it will default to the corresponding default values:

  • Cert-manager Provider, default 90days
  • Auto Provider, default 365days

Fixes: #251

@ArkaSaha30 ArkaSaha30 mentioned this pull request Dec 14, 2025
Closed
4 tasks
@ArkaSaha30 ArkaSaha30 force-pushed the fix-cert-duration-check branch from 685ced1 to 119b232 Compare December 14, 2025 17:30
@ArkaSaha30 ArkaSaha30 requested a review from ahrtr December 14, 2025 17:49
@ArkaSaha30
Copy link
Contributor Author

ArkaSaha30 commented Dec 14, 2025

cc @neolit123

@ArkaSaha30 ArkaSaha30 force-pushed the fix-cert-duration-check branch 2 times, most recently from 783c3dc to e6346e5 Compare December 15, 2025 05:05
@ArkaSaha30
Copy link
Contributor Author

ArkaSaha30 commented Dec 16, 2025

/test pull-etcd-operator-test-e2e

ahrtr
ahrtr reviewed Jan 6, 2026
View reviewed changes
internal/controller/utils.go Outdated
Comment on lines 613 to 622
// Set default duration to 365 days for auto provider if not provided
var duration time.Duration
if autoConfig.ValidityDuration == "" {
duration = certInterface.DefaultAutoValidity
} else {
var err error
duration, err = time.ParseDuration(autoConfig.ValidityDuration)
if err != nil {
return nil, fmt.Errorf("failed to parse ValidityDuration: %w", err)
}
Copy link
Member

@ahrtr ahrtr Jan 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please add a function something like below, and reuse it for both createCMCertificateConfig and createAutoCertificateConfig

func parseValidityDuration(customizedDuration string, defaultDuration time.Duration) (time.Duration, error)

Copy link
Contributor Author

@ArkaSaha30 ArkaSaha30 Jan 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure, updated the PR.

@ivanvc ivanvc self-requested a review January 6, 2026 19:15
ivanvc
ivanvc reviewed Jan 10, 2026
View reviewed changes
Copy link
Member

@ivanvc ivanvc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the pull request, Arka. Other than Benjamin's comment and one observation I left, this looks great :)

@ArkaSaha30
Handle invalid cert-manager ValidityDuration
4861f78 
This commit will handle a scenario of invalid cert-manager ValidityDuration user input
and throw an error.
In case, ValidityDuration is not defined by user it will default to 90days for cert-manager

Signed-off-by: ArkaSaha30 <[email protected]>
@ArkaSaha30 ArkaSaha30 force-pushed the fix-cert-duration-check branch from e6346e5 to 4adafe5 Compare January 11, 2026 15:47
@ArkaSaha30
Handle invalid auto cert provider ValidityDuration
4d9d86c 
This commit will handle a scenario of invalid auto cert provider ValidityDuration user input
and throw an error.
In case, ValidityDuration is not defined by user it will default to 365days for auto cert provider

Signed-off-by: ArkaSaha30 <[email protected]>
@ArkaSaha30 ArkaSaha30 force-pushed the fix-cert-duration-check branch from 4adafe5 to 4d9d86c Compare January 11, 2026 18:08
@ArkaSaha30
Use wildcard DNS
f7a0e41 
Signed-off-by: ArkaSaha30 <[email protected]>
@k8s-ci-robot
Copy link

k8s-ci-robot commented Jan 11, 2026

@ArkaSaha30: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
pull-etcd-operator-test-e2e f7a0e41 link true /test pull-etcd-operator-test-e2e

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

ivanvc
ivanvc reviewed Jan 13, 2026
View reviewed changes
Copy link
Member

@ivanvc ivanvc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Thanks, Arka.

@ivanvc ivanvc requested a review from ahrtr January 13, 2026 19:19
@k8s-ci-robot
Copy link

k8s-ci-robot commented Jan 13, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: ahrtr, ArkaSaha30, ivanvc

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@ahrtr ahrtr merged commit 0a86fe9 into etcd-io:main Jan 13, 2026
4 of 5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ivanvc ivanvc ivanvc approved these changes

@ahrtr ahrtr ahrtr approved these changes

Assignees

No one assigned

Labels

approved size/M

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Refactor certificate management code bits

4 participants

@ArkaSaha30 @k8s-ci-robot @ivanvc @ahrtr