openservicemesh · jaellio · Jun 17, 2022 · Jun 13, 2022 · Jun 16, 2022
@@ -39,10 +39,6 @@ spec:
           jsonPath: .status.currentState
           name: State
           type: string
-        - description: Current rotationStage of the MeshRootCertificate config
-          jsonPath: .status.currentRotationStage
-          name: RotationStage
-          type: string
       schema:
         openAPIV3Schema:
           type: object

@@ -423,8 +423,7 @@ func buildMeshRootCertificate(presetMeshRootCertificateConfigMap *corev1.ConfigM
 		},
 		Spec: presetMeshRootCertificateSpec,
 		Status: configv1alpha2.MeshRootCertificateStatus{
-			State:         constants.MRCStateComplete,
-			RotationStage: constants.MRCStageIssuing,
+			State: constants.MRCStateActive,
 		},
 	}
 

@@ -97,8 +97,7 @@ var testMeshRootCertificate *configv1alpha2.MeshRootCertificate = &configv1alpha
 	},
 	Spec: configv1alpha2.MeshRootCertificateSpec{},
 	Status: configv1alpha2.MeshRootCertificateStatus{
-		State:         constants.MRCStateComplete,
-		RotationStage: constants.MRCStageIssuing,
+		State: constants.MRCStateActive,
 	},
 }
 

@@ -113,14 +113,9 @@ type TresorCASpec struct {
 
 // MeshRootCertificateStatus defines the status of the MeshRootCertificate resource
 type MeshRootCertificateStatus struct {
-	// State specifies the state of the root certificate rotation
+	// State specifies the state of the certificate provider
+	// All states are specified in constants.go
 	State string `json:"state"`
-
-	// RotationStage specifies the stage of the rotation indicating how a
-	// root certificate is currently being used within the mesh. The exact
-	// meaning of the RotationStage status is determined by the accompanying
-	// State status
-	RotationStage string `json:"rotationStage"`
 }
 
 // MeshRootCertificateList defines the list of MeshRootCertificate objects

@@ -69,8 +69,7 @@ func NewCertificateManager(kubeClient kubernetes.Interface, kubeConfig *rest.Con
 			},
 			// TODO(#4502): Detect if an actual MRC exists, and set the status accordingly.
 			Status: v1alpha2.MeshRootCertificateStatus{
-				State:         constants.MRCStateComplete,
-				RotationStage: constants.MRCStageIssuing,
+				State: constants.MRCStateActive,
 			},
 		},
 	}

@@ -166,14 +166,26 @@ const (
 	// MRCVersionAnnotation is the annotation used for the version of the MeshRootCertificate
 	MRCVersionAnnotation = "openservicemesh.io/mrc-version"
 
-	// MRCStageValidating is the validating status option for the rotation stage of the MeshRootCertificate
-	MRCStageValidating = "validating"
+	// MRCStateValidatingRollout is the validating rollout status option for the State of the MeshRootCertificate
+	MRCStateValidatingRollout = "validatingRollout"
 
-	// MRCStageIssuing is the issuing status option for the rotation stage of the MeshRootCertificate
-	MRCStageIssuing = "issuing"
+	// MRCStateIssuingRollout is the issuing rollout status option for the State of the MeshRootCertificate
+	MRCStateIssuingRollout = "issuingRollout"
 
-	// MRCStateComplete is the complete status option for the state of the MeshRootCertificate
-	MRCStateComplete = "complete"
+	// MRCStateActive is the active status option for the State of the MeshRootCertificate
+	MRCStateActive = "active"
+
+	// MRCStateIssuingRollback is the issuing rollback status option for the State of the MeshRootCertificate
+	MRCStateIssuingRollback = "issuingRollback"
+
+	// MRCStateValidatingRollback is the validating rollback status option for the State of the MeshRootCertificate
+	MRCStateValidatingRollback = "validatingRollback"
+
+	// MRCStateInactive is the inactive status option for the State of the MeshRootCertificate
+	MRCStateInactive = "inactive"
+
+	// MRCStateError is the error status option for the State of the MeshRootCertificate
+	MRCStateError = "error"
 )
 
 // Labels used by the control plane