change renew-before to a pointer so it's not set unconditionally

Signed-off-by: Ashley Davis <[email protected]>
cert-manager · Oct 18, 2024 · fa97d40 · fa97d40
1 parent 0da68ae
commit fa97d40
Showing 1 changed file with 5 additions and 4 deletions.
diff --git a/internal/controller/sync.go b/internal/controller/sync.go
@@ -260,15 +260,16 @@ func (r *RouteController) buildNextCert(ctx context.Context, route *routev1.Rout
 		return nil, fmt.Errorf("invalid duration annotation on Route %s/%s", route.Namespace, route.Name)
 	}
 
-	var renewBefore time.Duration
+	var renewBefore *metav1.Duration
 	if metav1.HasAnnotation(route.ObjectMeta, cmapi.RenewBeforeAnnotationKey) {
 		renewBeforeAnnotation := route.Annotations[cmapi.RenewBeforeAnnotationKey]
 
-		var err error
-		renewBefore, err = time.ParseDuration(renewBeforeAnnotation)
+		parsedRenewBefore, err := time.ParseDuration(renewBeforeAnnotation)
 		if err != nil {
 			return nil, fmt.Errorf("invalid renew-before annotation %q on Route %s/%s", renewBeforeAnnotation, route.Namespace, route.Name)
 		}
+
+		renewBefore = &metav1.Duration{Duration: parsedRenewBefore}
 	}
 
 	var privateKeyAlgorithm cmapi.PrivateKeyAlgorithm
@@ -494,7 +495,7 @@ func (r *RouteController) buildNextCert(ctx context.Context, route *routev1.Rout
 		Spec: cmapi.CertificateSpec{
 			SecretName:           secretName,
 			Duration:             &metav1.Duration{Duration: duration},
-			RenewBefore:          &metav1.Duration{Duration: renewBefore},
+			RenewBefore:          renewBefore,
 			RevisionHistoryLimit: revisionHistoryLimit,
 			CommonName:           route.Annotations[cmapi.CommonNameAnnotationKey],
 			Subject: &cmapi.X509Subject{