Initial scaffold: certificate control plane v0.1.0

2026-06-14 19:09:04 +00:00 · 2026-03-14 08:22:17 -04:00
commit d395776a95
57 changed files with 9548 additions and 0 deletions
@@ -0,0 +1,65 @@
+package domain
+
+import (
+	"time"
+)
+
+// ManagedCertificate represents a certificate managed by the control plane.
+type ManagedCertificate struct {
+	ID              string            `json:"id"`
+	Name            string            `json:"name"`
+	CommonName      string            `json:"common_name"`
+	SANs            []string          `json:"sans"`
+	Environment     string            `json:"environment"`
+	OwnerID         string            `json:"owner_id"`
+	TeamID          string            `json:"team_id"`
+	IssuerID        string            `json:"issuer_id"`
+	TargetIDs       []string          `json:"target_ids"`
+	RenewalPolicyID string            `json:"renewal_policy_id"`
+	Status          CertificateStatus `json:"status"`
+	ExpiresAt       time.Time         `json:"expires_at"`
+	Tags            map[string]string `json:"tags"`
+	LastRenewalAt   *time.Time        `json:"last_renewal_at,omitempty"`
+	LastDeploymentAt *time.Time       `json:"last_deployment_at,omitempty"`
+	CreatedAt       time.Time         `json:"created_at"`
+	UpdatedAt       time.Time         `json:"updated_at"`
+}
+
+// CertificateVersion represents a specific version of a certificate.
+type CertificateVersion struct {
+	ID               string    `json:"id"`
+	CertificateID    string    `json:"certificate_id"`
+	SerialNumber     string    `json:"serial_number"`
+	NotBefore        time.Time `json:"not_before"`
+	NotAfter         time.Time `json:"not_after"`
+	FingerprintSHA256 string   `json:"fingerprint_sha256"`
+	PEMChain         string    `json:"pem_chain"`
+	CSRPEM           string    `json:"csr_pem"`
+	CreatedAt        time.Time `json:"created_at"`
+}
+
+// CertificateStatus represents the lifecycle status of a managed certificate.
+type CertificateStatus string
+
+const (
+	CertificateStatusPending           CertificateStatus = "Pending"
+	CertificateStatusActive            CertificateStatus = "Active"
+	CertificateStatusExpiring          CertificateStatus = "Expiring"
+	CertificateStatusExpired           CertificateStatus = "Expired"
+	CertificateStatusRenewalInProgress CertificateStatus = "RenewalInProgress"
+	CertificateStatusFailed            CertificateStatus = "Failed"
+	CertificateStatusRevoked           CertificateStatus = "Revoked"
+	CertificateStatusArchived          CertificateStatus = "Archived"
+)
+
+// RenewalPolicy defines renewal parameters for a managed certificate.
+type RenewalPolicy struct {
+	ID                string    `json:"id"`
+	Name              string    `json:"name"`
+	RenewalWindowDays int       `json:"renewal_window_days"`
+	AutoRenew         bool      `json:"auto_renew"`
+	MaxRetries        int       `json:"max_retries"`
+	RetryInterval     int       `json:"retry_interval_seconds"`
+	CreatedAt         time.Time `json:"created_at"`
+	UpdatedAt         time.Time `json:"updated_at"`
+}