weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
9,719 Commits 45 Branches 0 Tags 96 MiB
master
Commit Graph

504 Commits

Author SHA1 Message Date
Erik Godding Boye
236523b2c1
feat: API defaults for IssuerRef 
Signed-off-by: Erik Godding Boye <egboye@gmail.com>
 2025-07-31 18:36:18 +02:00
Erik Godding Boye
f1ebe5253a
add packages for less OpenAPI 2.0 validation errors 
Signed-off-by: Erik Godding Boye <egboye@gmail.com>
 2025-07-28 13:13:23 +02:00
Erik Godding Boye
7b8b0c612c
Add openapi-gen to client packages 
Signed-off-by: Erik Godding Boye <egboye@gmail.com>
 2025-07-28 13:13:23 +02:00
cert-manager-prow[bot]
76ca203a3f
Merge pull request #7856 from hjoshi123/feat/certificate-metric-collector-migration 
feat(metrics): refactoring certificate metrics to collector
 2025-07-24 13:36:45 +00:00
hjoshi123
021a9a49e1
added cert collector and moved unit test 
Signed-off-by: hjoshi123 <mail@hjoshi.me>
 2025-07-20 15:28:52 -06:00
Tim Ramlot
d84b41471c
use makefile modules for CRD generation 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2025-07-12 13:39:31 +02:00
cert-manager-prow[bot]
b7eef53e56
Merge pull request #7844 from erikgb/cleanup-sign 
Let x509.CreateCertificate set Version and SerialNumber
 2025-07-09 19:33:28 +00:00
hjoshi123
2558e46a3b
added collector for cert challenge and unit, integrationt test 
Signed-off-by: hjoshi123 <hemant.joshi@vizio.com>
 2025-07-07 15:15:12 -06:00
Erik Godding Boye
3d9841cd9b
Let x509.CreateCertificate set Version and SerialNumber 
Signed-off-by: Erik Godding Boye <egboye@gmail.com>
 2025-07-05 22:12:17 +02:00
Richard Wall
3aa67dd14f Change ACMEHTTP01IngressPathTypeExact feature to beta 
Signed-off-by: Richard Wall <richard.wall@cyberark.com>
 2025-06-17 16:55:15 +01:00
Richard Wall
172d4ad6e0 Fix typo 
Signed-off-by: Richard Wall <richard.wall@cyberark.com>
 2025-06-17 09:52:41 +01:00
Sascha Spreitzer
965c1b4a16
feat(acme): Add default feature gate to set Ingress pathType to Exact 
Signed-off-by: Sascha Spreitzer <sascha@spreitzer.ch>
 2025-06-14 13:08:46 +02:00
Tim Ramlot
25bd23091d
use sigs.k8s.io/randfill instead of github.com/google/gofuzz 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2025-06-06 16:11:48 +02:00
Tim Ramlot
3e08ecbc7e
finetune t.Context() usage 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2025-06-06 06:26:01 +02:00
Tim Ramlot
d72df08425
bump go 1.24.0 and fix 'usetesting' linter 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2025-06-05 03:16:46 +02:00
Ashley Davis
3abff05392 ACME profile support 
Signed-off-by: Ashley Davis <ashley.davis@cyberark.com>
(cherry picked from commit 72f58b7be72939fcab4edd1575a6bed4ef1cf98c)

- Fix some unit tests
- Move the debug log message
- Catch errors due to ACME profiles not being supported by the ACME server
- Configure Pebble with ACME profiles. See https://github.com/letsencrypt/pebble/pull/473
- Improve wrapping of CRD field help
- make generate-crds
- make fix-golangci-lint

Signed-off-by: Richard Wall <richard.wall@cyberark.com>

Fix typo

Signed-off-by: Richard Wall <richard.wall@cyberark.com>

Use a shorter argument name

Signed-off-by: Richard Wall <richard.wall@cyberark.com>
 2025-06-04 16:31:29 +01:00
alihamzanoor
6b2d5f713d Not allowing 0 for revision history limit 
Signed-off-by: alihamzanoor <alihamzanoor99@gmail.com>
 2025-05-28 13:00:32 +01:00
alihamzanoor
6cafe5e6c6 Set the default RevisionHistoryLimit to 1 for CertificateRequest revisions 
Signed-off-by: alihamzanoor <alihamzanoor99@gmail.com>
 2025-05-17 16:34:05 +01:00
cert-manager-prow[bot]
0b21f6399d
Merge pull request #7743 from wallrj/rotation-policy-default-always-2 
Avoid mutating the client-go informer cache
 2025-05-12 11:29:52 +00:00
Erik Godding Boye
affd56e5e3
Graduate AdditionalCertificateOutputFormats feature gate 
Signed-off-by: Erik Godding Boye <egboye@gmail.com>
 2025-05-10 10:53:40 +02:00
cert-manager-prow[bot]
e3775009a5
Merge pull request #7735 from jsoref/promote-UseDomainQualifiedFinalizer 
graduate `UseDomainQualifiedFinalizer` to GA
 2025-05-09 14:48:49 +00:00
Richard Wall
2d28b29804 Avoid mutating the client-go informer cache 
Signed-off-by: Richard Wall <richard.wall@venafi.com>
 2025-05-09 14:34:48 +01:00
cert-manager-prow[bot]
7689ea6918
Merge pull request #7740 from jsoref/spelling-e-g- 
spelling: e.g.
 2025-05-08 16:58:49 +00:00
Josh Soref
9ae0d910a3 graduate 'UseDomainQualifiedFinalizer' to GA 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2025-05-08 06:57:52 -04:00
Richard Wall
c2406f6ca3 An API warning if the Certificate rotation policy is omitted 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2025-05-08 09:12:00 +01:00
Josh Soref
5ad454a65d spelling: e.g. 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2025-05-07 22:05:43 -04:00
Richard Wall
f3a4bdf1ca Don't clobber the existing rotation policy, if it is supplied 
Signed-off-by: Richard Wall <richard.wall@venafi.com>
 2025-05-07 17:17:06 +01:00
Richard Wall
835026cc38 Move the defaulting to a dedicated function, with a unit-test 
Signed-off-by: Richard Wall <richard.wall@venafi.com>
 2025-05-07 15:29:17 +01:00
Richard Wall
7d87f034f7 Add DefaultPrivateKeyRotationPolicyAlways feature gate 
Signed-off-by: Richard Wall <richard.wall@venafi.com>
 2025-05-06 14:42:58 +01:00
Tarek Sharafi
c8ba79f15b add tests 
Signed-off-by: Tarek Sharafi <tareq.sha@gmail.com>
 2025-04-17 16:56:26 +03:00
Tarek Sharafi
b1624bf7b3 Merge branch 'master' of https://github.com/cert-manager/cert-manager 2025-04-17 16:46:54 +03:00
Tim Ramlot
cb782645f5
fix golangci-lint errors 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2025-04-15 12:59:28 +00:00
Tero Saarni
11baa07851 Allow disabling experimental CSR controllers 
Signed-off-by: Tero Saarni <tero.saarni@est.tech>
 2025-04-14 18:11:23 +03:00
cert-manager-prow[bot]
dae91eee5b
Merge pull request #7678 from Nordix/namespaced-fix 
Fix behavior when running with --namespace=<namespace>
 2025-04-14 11:53:46 +00:00
Tarek Sharafi
cd8992338c Merge branch 'master' of https://github.com/cert-manager/cert-manager 
Signed-off-by: Tarek Sharafi <tareq.sha@gmail.com>
 2025-04-13 00:00:15 +03:00
Erik Godding Boye
b90118f1ab
Make DynamicAuthority CN and secret labels configurable 
Signed-off-by: Erik Godding Boye <egboye@gmail.com>
 2025-04-12 17:49:59 +02:00
Tero Saarni
105d90d5eb Fix behavior when running with --namespace=<namespace> 
- Disable controllers that require cluster-scoped RBAC permissions by design.
- In the self-signed issuer, skip listing ClusterIssuer resources to respect
  the --namespace parameter and prevent the need for unnecessary cluster-wide
  RBAC permissions.

Signed-off-by: Tero Saarni <tero.saarni@est.tech>
 2025-04-11 20:56:36 +03:00
Erik Godding Boye
8eb6c049b4
Migrate usage of deprecated logr testing package 
Signed-off-by: Erik Godding Boye <egboye@gmail.com>
 2025-04-11 19:37:20 +02:00
Tim Ramlot
005f7a678a
BOT: run 'make upgrade-klone' and 'make generate' 
Signed-off-by: cert-manager-bot <cert-manager-bot@users.noreply.github.com>
 2025-04-10 10:33:27 +00:00
Adam Talbot
e5e6c2e7f2 feat: allow server name to be set on the vault client 
Signed-off-by: Adam Talbot <adamtalbot93@googlemail.com>
 2025-04-06 16:17:38 +01:00
Dinar Valeev
e644d20222
ingress-shim: optionally copy specific annotation 
This commit introduces an ingress-shim option:
--extra-certificate-annotations which sets list of annotation keys to be copied
from IngLike to resulting Certificate object

Co-authored-by: Ashley Davis <SgtCoDFish@users.noreply.github.com>
Signed-off-by: Dinar Valeev <k0da@opensuse.org>
 2025-03-21 10:08:35 +01:00
Ashley Davis
8eb4cea460
fix incorrect default in venafi issuer docs 
Signed-off-by: Ashley Davis <ashley.davis@cyberark.com>
 2025-03-12 11:12:19 +00:00
Tarek Sharafi
344f5c3420 validation 
Signed-off-by: Tarek Sharafi <tareq.sha@gmail.com>
 2025-02-27 23:12:03 +02:00
Tarek Sharafi
e7618ca5f5 allow customizing signature algorithm 
Signed-off-by: Tarek Sharafi <tareq.sha@gmail.com>
 2025-02-26 16:42:53 +02:00
cert-manager-prow[bot]
f754d975cd
Merge pull request #7554 from jsoref/spelling 
Spelling
 2025-02-19 09:58:36 +00:00
Josh Soref
e8e980b75d spelling: vnew 
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
 2025-02-18 13:20:13 -05:00
Josh Soref
d391a330a5 spelling: spec 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2025-02-18 13:20:13 -05:00
Josh Soref
ad3ac0e14c spelling: self-signed 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2025-02-18 13:20:13 -05:00
Josh Soref
ca194b8875 spelling: object-meta 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2025-02-18 13:20:13 -05:00
Josh Soref
79d702f379 spelling: greater than 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2025-02-18 13:20:13 -05:00