gitpod-io
diff --git a/‎installer/pkg/common/constants.go‎
Lines changed: 9 additions & 0 deletions b/‎installer/pkg/common/constants.go‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎installer/pkg/components/cluster/certmanager.go‎
Lines changed: 1 addition & 0 deletions b/‎installer/pkg/components/cluster/certmanager.go‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎installer/pkg/components/docker-registry/certificate.go‎
Lines changed: 2 additions & 6 deletions b/‎installer/pkg/components/docker-registry/certificate.go‎
Lines changed: 2 additions & 6 deletions
diff --git a/‎installer/pkg/components/registry-facade/certificate.go‎
Lines changed: 1 addition & 5 deletions b/‎installer/pkg/components/registry-facade/certificate.go‎
Lines changed: 1 addition & 5 deletions
diff --git a/‎installer/pkg/components/ws-daemon/tlssecret.go‎
Lines changed: 1 addition & 5 deletions b/‎installer/pkg/components/ws-daemon/tlssecret.go‎
Lines changed: 1 addition & 5 deletions
diff --git a/‎installer/pkg/components/ws-manager/tlssecret.go‎
Lines changed: 2 additions & 5 deletions b/‎installer/pkg/components/ws-manager/tlssecret.go‎
Lines changed: 2 additions & 5 deletions
@@ -4,6 +4,11 @@
 
 package common
 
+import (
+metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+"time"
+)
+
 // This file exists to break cyclic-dependency errors
 
 const (
@@ -35,3 +40,7 @@ const (
 
 AnnotationConfigChecksum = "gitpod.io/checksum_config"
 )
+
+var (
+InternalCertDuration = &metav1.Duration{Duration: time.Hour * 24 * 90}
+)
@@ -39,6 +39,7 @@ func certmanager(ctx *common.RenderContext) ([]runtime.Object, error) {
 },
 Spec: v1.CertificateSpec{
 IsCA: true,
+Duration: common.InternalCertDuration,
 CommonName: caName,
 SecretName: caName,
 PrivateKey: &v1.CertificatePrivateKey{
 
@@ -6,11 +6,9 @@ package dockerregistry
 
 import (
 "fmt"
+"github.com/gitpod-io/gitpod/installer/pkg/common"
 certmanagerv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1"
 cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1"
-"time"
-
-"github.com/gitpod-io/gitpod/installer/pkg/common"
 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 "k8s.io/apimachinery/pkg/runtime"
 "k8s.io/utils/pointer"
@@ -21,8 +19,6 @@ func certificate(ctx *common.RenderContext) ([]runtime.Object, error) {
 return nil, nil
 }
 
-oneYear := &metav1.Duration{Duration: time.Hour * 24 * 365}
-
 return []runtime.Object{&certmanagerv1.Certificate{
 TypeMeta: common.TypeMetaCertificate,
 ObjectMeta: metav1.ObjectMeta{
@@ -31,7 +27,7 @@ func certificate(ctx *common.RenderContext) ([]runtime.Object, error) {
 Labels: common.DefaultLabels(Component),
 },
 Spec: certmanagerv1.CertificateSpec{
-Duration: oneYear,
+Duration: common.InternalCertDuration,
 SecretName: BuiltInRegistryCerts,
 IssuerRef: cmmeta.ObjectReference{
 Name: common.CertManagerCAIssuer,
 
@@ -6,8 +6,6 @@ package registryfacade
 
 import (
 "fmt"
-"time"
-
 certmanagerv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1"
 cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1"
 
@@ -17,8 +15,6 @@ import (
 )
 
 func certificate(ctx *common.RenderContext) ([]runtime.Object, error) {
-oneYear := &metav1.Duration{Duration: time.Hour * 24 * 365}
-
 return []runtime.Object{&certmanagerv1.Certificate{
 TypeMeta: common.TypeMetaCertificate,
 ObjectMeta: metav1.ObjectMeta{
@@ -27,7 +23,7 @@ func certificate(ctx *common.RenderContext) ([]runtime.Object, error) {
 Labels: common.DefaultLabels(Component),
 },
 Spec: certmanagerv1.CertificateSpec{
-Duration: oneYear,
+Duration: common.InternalCertDuration,
 SecretName: common.RegistryFacadeTLSCertSecret,
 IssuerRef: cmmeta.ObjectReference{
 Name: common.CertManagerCAIssuer,
 
@@ -10,14 +10,10 @@ import (
 certmanagerv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1"
 cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1"
 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-"time"
-
 "k8s.io/apimachinery/pkg/runtime"
 )
 
 func tlssecret(ctx *common.RenderContext) ([]runtime.Object, error) {
-oneYear := &metav1.Duration{Duration: time.Hour * 24 * 365}
-
 return []runtime.Object{
 &certmanagerv1.Certificate{
 TypeMeta: common.TypeMetaCertificate,
@@ -27,7 +23,7 @@ func tlssecret(ctx *common.RenderContext) ([]runtime.Object, error) {
 Labels: common.DefaultLabels(Component),
 },
 Spec: certmanagerv1.CertificateSpec{
-Duration: oneYear,
+Duration: common.InternalCertDuration,
 SecretName: TLSSecretName,
 DNSNames: []string{
 fmt.Sprintf("gitpod.%s", ctx.Namespace),
 
@@ -6,8 +6,6 @@ package wsmanager
 
 import (
 "fmt"
-"time"
-
 "github.com/gitpod-io/gitpod/installer/pkg/common"
 
 certmanagerv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1"
@@ -32,7 +30,6 @@ func tlssecret(ctx *common.RenderContext) ([]runtime.Object, error) {
 Component,
 }
 
-sixMonths := &metav1.Duration{Duration: time.Hour * 4380}
 issuer := common.CertManagerCAIssuer
 
 return []runtime.Object{
@@ -44,7 +41,7 @@ func tlssecret(ctx *common.RenderContext) ([]runtime.Object, error) {
 Labels: common.DefaultLabels(Component),
 },
 Spec: certmanagerv1.CertificateSpec{
-Duration: sixMonths,
+Duration: common.InternalCertDuration,
 SecretName: TLSSecretNameSecret,
 DNSNames: serverAltNames,
 IssuerRef: cmmeta.ObjectReference{
@@ -62,7 +59,7 @@ func tlssecret(ctx *common.RenderContext) ([]runtime.Object, error) {
 Labels: common.DefaultLabels(Component),
 },
 Spec: certmanagerv1.CertificateSpec{
-Duration: sixMonths,
+Duration: common.InternalCertDuration,
 SecretName: TLSSecretNameClient,
 DNSNames: clientAltNames,
 IssuerRef: cmmeta.ObjectReference{