gsadmin/certctl
1
0
Fork 0
mirror of https://github.com/shankar0123/certctl.git synced 2026-06-07 17:12:04 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
697c0be9f32a30910866fbff4b15fe6b2efc9b37
certctl/internal/domain/ari.go
T
shankar0123 ec21c9bb29 feat(m28+m29+m30): ACME ARI, email digest, and Helm chart 
M28: ACME Renewal Information (RFC 9702) — CA-directed renewal timing
with cert ID computation, directory endpoint discovery, graceful
degradation for non-ARI CAs. 19 tests.

M29: Email notifier wiring + scheduled certificate digest — SMTP
connector bridged to service layer via NotifierAdapter, DigestService
with HTML email template, 7th scheduler loop (24h), digest preview/send
API endpoints and GUI card. 21 tests.

M30: Production-ready Helm chart — server Deployment, PostgreSQL
StatefulSet, agent DaemonSet, ConfigMaps, Secrets, Ingress, security
contexts, health probes, example values for dev/prod/ACME scenarios.

Also: OpenAPI spec updates, MCP tool additions, CI helm-lint job,
documentation updates across 5 doc files and README.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-28 21:18:35 -04:00

36 lines
1.5 KiB
Go
Raw Blame History

package domain
import "time"
// RenewalInfo represents ACME Renewal Information (ARI) per RFC 9702.
// It provides CA-directed renewal timing via a suggested renewal window.
type RenewalInfo struct {
// SuggestedWindowStart is the beginning of the time window during which the CA suggests renewal.
SuggestedWindowStart time.Time `json:"suggested_window_start"`
// SuggestedWindowEnd is the end of the time window during which the CA suggests renewal.
SuggestedWindowEnd time.Time `json:"suggested_window_end"`
// RetryAfter is the earliest time the client should re-poll for updated ARI.
// Zero value means no retry constraint.
RetryAfter time.Time `json:"retry_after,omitempty"`
// ExplanationURL is an optional URL with human-readable explanation for the renewal timing.
ExplanationURL string `json:"explanation_url,omitempty"`
}
// ShouldRenewNow returns true if the current time is within or past the suggested renewal window.
// This is the primary decision point: if true, renewal should proceed immediately.
func (r *RenewalInfo) ShouldRenewNow() bool {
now := time.Now()
return !now.Before(r.SuggestedWindowStart)
}
// OptimalRenewalTime returns the midpoint of the suggested renewal window,
// which is the recommended time to initiate renewal per RFC 9702.
// This can be used for scheduling if the current time is before the window.
func (r *RenewalInfo) OptimalRenewalTime() time.Time {
duration := r.SuggestedWindowEnd.Sub(r.SuggestedWindowStart)
return r.SuggestedWindowStart.Add(duration / 2)
}
Reference in New Issue View Git Blame Copy Permalink