weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #2989 from meyskens/cf-no-email

Browse Source 
Make Cloudflare email an optional field
This commit is contained in:
jetstack-bot 2020-06-26 10:58:39 +01:00 committed by GitHub
commit deac83e6fb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 7 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
deploy/crds/crd-challenges.yaml
View File

@ -275,8 +275,6 @@ spec:
description: ACMEIssuerDNS01ProviderCloudflare is a structure
containing the DNS configuration for Cloudflare
type: object
required:
- email
properties:
apiKeySecretRef:
type: object

2
deploy/crds/crd-clusterissuers.yaml
View File

@ -313,8 +313,6 @@ spec:
description: ACMEIssuerDNS01ProviderCloudflare is a structure
containing the DNS configuration for Cloudflare
type: object
required:
- email
properties:
apiKeySecretRef:
type: object

2
deploy/crds/crd-issuers.yaml
View File

@ -313,8 +313,6 @@ spec:
description: ACMEIssuerDNS01ProviderCloudflare is a structure
containing the DNS configuration for Cloudflare
type: object
required:
- email
properties:
apiKeySecretRef:
type: object

1
pkg/apis/acme/v1alpha2/types_issuer.go
View File

@ -303,6 +303,7 @@ type ACMEIssuerDNS01ProviderCloudDNS struct {
// ACMEIssuerDNS01ProviderCloudflare is a structure containing the DNS
// configuration for Cloudflare
type ACMEIssuerDNS01ProviderCloudflare struct {
// +optional
Email string `json:"email"`
APIKey *cmmeta.SecretKeySelector `json:"apiKeySecretRef,omitempty"`
APIToken *cmmeta.SecretKeySelector `json:"apiTokenSecretRef,omitempty"`

1
pkg/apis/acme/v1alpha3/types_issuer.go
View File

@ -303,6 +303,7 @@ type ACMEIssuerDNS01ProviderCloudDNS struct {
// ACMEIssuerDNS01ProviderCloudflare is a structure containing the DNS
// configuration for Cloudflare
type ACMEIssuerDNS01ProviderCloudflare struct {
// +optional
Email string `json:"email"`
APIKey *cmmeta.SecretKeySelector `json:"apiKeySecretRef,omitempty"`
APIToken *cmmeta.SecretKeySelector `json:"apiTokenSecretRef,omitempty"`

2
pkg/internal/apis/certmanager/validation/issuer.go
View File

@ -316,7 +316,7 @@ func ValidateACMEChallengeSolverDNS01(p *cmacme.ACMEChallengeSolverDNS01, fldPat
if p.Cloudflare.APIKey == nil && p.Cloudflare.APIToken == nil {
el = append(el, field.Required(fldPath.Child("cloudflare"), "apiKeySecretRef or apiTokenSecretRef is required"))
}
if len(p.Cloudflare.Email) == 0 {
if len(p.Cloudflare.Email) == 0 && p.Cloudflare.APIKey != nil {
el = append(el, field.Required(fldPath.Child("cloudflare", "email"), ""))
}
}

6
pkg/issuer/acme/dns/cloudflare/cloudflare.go
View File

@ -48,7 +48,7 @@ func NewDNSProvider(dns01Nameservers []string) (*DNSProvider, error) {
// NewDNSProviderCredentials uses the supplied credentials to return a
// DNSProvider instance configured for cloudflare.
func NewDNSProviderCredentials(email, key, token string, dns01Nameservers []string) (*DNSProvider, error) {
if email == "" || (key == "" && token == "") {
if (email == "" && key != "") || (key == "" && token == "") {
return nil, fmt.Errorf("CloudFlare credentials missing")
}
if key != "" && token != "" {
@ -221,7 +221,9 @@ func (c *DNSProvider) makeRequest(method, uri string, body io.Reader) (json.RawM
return nil, err
}
req.Header.Set("X-Auth-Email", c.authEmail)
if c.authEmail != "" {
req.Header.Set("X-Auth-Email", c.authEmail)
}
if c.authToken != "" {
req.Header.Set("Authorization", "Bearer "+c.authToken)
} else {