Solution:

This is now a UTC timestamp in the RFC 3339 format rather than a relative time.

Description of problem:

When viewing a CertificatePolicy that is Non-Compliant on the Policy dashboard (or within its compliance status in the object) we never see the time till expiration update after it hits the threshold to become Non-Compliant. It appears to capture the time until expiration that triggers the threshold then that status does not update again until the compliance status flips as the cert is updated. We still see the time till expiration being calculated each time within the cert policy controller, it is just not passed along to the object/dashboard.

We would like the ability to see how long until expiration at a glance from the policy as presently it does not even differentiate between x time until expiration or if the cert has actually already expired.

Version-Release number of selected component (if applicable):

2.10

How reproducible:

Continuously

Steps to Reproduce:

1. Create a cert policy and allow it to reach the non-compliant threshold for expiration
2.  
3. ...

Actual results:

The status of the policy captures the time till cert expiration once the policy becomes non-compliant then does not update it while the compliance status stays static.

Expected results:

The message within the policy is updated with time to expiration. 

Additional info: