Address PR comments

Author: carlosmonastyrski

certificate-agent-config.yaml

@@ -9,8 +9,7 @@ auth:
     remove_client_secret_on_read: false
 
 certificates:
-  - profile-id: "550e8400-e29b-41d4-a716-446655440000"
-    destination-path: "./certs/web-server"
+  - profile-id: "5882cac9-b182-4209-a311-64b7c12c4610"
 
     # Certificate parameters
     common-name: "api.mycompany.com"
@@ -25,12 +24,13 @@ certificates:
     extended-key-usages:
       - "server_auth"
 
-    # Lifecycle configuration
+    # Certificate lifecycle configuration
     ttl: "30d"
-    renew-before-expiry: "7d"
-    monitoring-interval: "6h"
-    max-retries: 3
-    retry-interval: "1h"
+    lifecycle:
+      renew-before-expiry: "7d"            # When to start checking for renewal before expiration
+      status-check-interval: "6h"          # How often to check certificate status and renewal needs
+      max-failure-retries: 3               # Maximum number of failed operation retries before giving up
+      failure-retry-interval: "1h"         # How long to wait between failed operation retry attempts
 
     # Post-hooks for automation
     post-hooks:
@@ -44,11 +44,9 @@ certificates:
         command: "logger 'Certificate failed for api.mycompany.com'"
         timeout: 10
 
-    file-config:
+    output-file-configuration:
+      private-key-path: "./certs/web-server/private.key"
+      certificate-path: "./certs/web-server/certificate.crt"
+      certificate-chain-path: "./certs/web-server/chain.crt"
       file-permissions: "0600"
       directory-permissions: "0755"
-
-sinks:
-  - type: "file"
-    config:
-      path: "access-token"

packages/api/model.go

@@ -869,21 +869,21 @@ type CertificateResponse struct {
 
 type RetrieveCertificateResponse struct {
 	Certificate struct {
-		ID                 string    `json:"id"`
-		CreatedAt          time.Time `json:"createdAt"`
-		UpdatedAt          time.Time `json:"updatedAt"`
-		Status             string    `json:"status"`
-		SerialNumber       string    `json:"serialNumber"`
-		CommonName         string    `json:"commonName"`
-		NotBefore          time.Time `json:"notBefore"`
-		NotAfter           time.Time `json:"notAfter"`
-		ProjectId          string    `json:"projectId"`
-		CaId               string    `json:"caId"`
-		KeyUsages          []string  `json:"keyUsages"`
-		ExtendedKeyUsages  []string  `json:"extendedKeyUsages"`
-		Certificate        string    `json:"certificate,omitempty"`
-		CertificateChain   string    `json:"certificateChain,omitempty"`
-		PrivateKey         string    `json:"privateKey,omitempty"`
+		ID                string    `json:"id"`
+		CreatedAt         time.Time `json:"createdAt"`
+		UpdatedAt         time.Time `json:"updatedAt"`
+		Status            string    `json:"status"`
+		SerialNumber      string    `json:"serialNumber"`
+		CommonName        string    `json:"commonName"`
+		NotBefore         time.Time `json:"notBefore"`
+		NotAfter          time.Time `json:"notAfter"`
+		ProjectId         string    `json:"projectId"`
+		CaId              string    `json:"caId"`
+		KeyUsages         []string  `json:"keyUsages"`
+		ExtendedKeyUsages []string  `json:"extendedKeyUsages"`
+		Certificate       string    `json:"certificate,omitempty"`
+		CertificateChain  string    `json:"certificateChain,omitempty"`
+		PrivateKey        string    `json:"privateKey,omitempty"`
 	} `json:"certificate"`
 }
 
@@ -901,17 +901,17 @@ type RenewCertificateResponse struct {
 }
 
 type GetCertificateRequestResponse struct {
-	Status       string    `json:"status"` // "pending", "issued", "failed"
-	CreatedAt    time.Time `json:"createdAt"`
-	UpdatedAt    time.Time `json:"updatedAt"`
-	CommonName   string    `json:"commonName,omitempty"`
-	ProjectID    string    `json:"projectId,omitempty"`
-	ProfileID    string    `json:"profileId,omitempty"`
-	Certificate          *string `json:"certificate,omitempty"`
-	IssuingCaCertificate *string `json:"issuingCaCertificate,omitempty"`
-	CertificateChain     *string `json:"certificateChain,omitempty"`
-	PrivateKey           *string `json:"privateKey,omitempty"`
-	SerialNumber         *string `json:"serialNumber,omitempty"`
-	CertificateID        *string `json:"certificateId,omitempty"`
-	ErrorMessage *string `json:"errorMessage,omitempty"`
+	Status               string    `json:"status"` // "pending", "issued", "failed"
+	CreatedAt            time.Time `json:"createdAt"`
+	UpdatedAt            time.Time `json:"updatedAt"`
+	CommonName           string    `json:"commonName,omitempty"`
+	ProjectID            string    `json:"projectId,omitempty"`
+	ProfileID            string    `json:"profileId,omitempty"`
+	Certificate          *string   `json:"certificate,omitempty"`
+	IssuingCaCertificate *string   `json:"issuingCaCertificate,omitempty"`
+	CertificateChain     *string   `json:"certificateChain,omitempty"`
+	PrivateKey           *string   `json:"privateKey,omitempty"`
+	SerialNumber         *string   `json:"serialNumber,omitempty"`
+	CertificateID        *string   `json:"certificateId,omitempty"`
+	ErrorMessage         *string   `json:"errorMessage,omitempty"`
 }