weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
7,151 Commits 45 Branches 0 Tags 96 MiB
00a20097b6
Commit Graph

93 Commits

Author SHA1 Message Date
joshvanl
0802489f4e Updates Order controller to support apply call when feature gate it 
enabled

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-16 10:33:48 +00:00
Ashley Davis
3a055cc2f5
rename all uses of github.com/jetstack/cert-manager 
This was done by running the following command twice:

 ```bash
 grep -Ri "github.com/jetstack/cert-manager" . | \
 cut -d":" -f1 | \
 sort | \
 uniq | \
 xargs sed -i
 "s/github.com\/jetstack\/cert-manager/github.com\/cert-manager\/cert-manager/"
 ```

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-02-02 09:08:31 +00:00
irbekrm
e7cc37ef71 Code review feedback 
Signed-off-by: irbekrm <irbekrm@gmail.com>

Co-authored-by: Maël Valais <mael@vls.dev>
 2022-01-11 18:09:44 +00:00
irbekrm
24866544b8 Ensures that if alternate cert chain is specified, it is retrieved 
Ensures that if the cert is retrieved in a reconcile following the one that finalized the ACME order, the alternate cert chain is still respected, if specified by user

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2022-01-11 10:51:14 +00:00
irbekrm
de8aa2583e Ensures that ACME orders controller does not create new order if it failed to update old order's status to valid 
Check the status of the ACME order if finalizing order failed to catch edge cases where the order is already finalized, but the updating of Order CR's status has failed

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2022-01-11 10:51:14 +00:00
irbekrm
4aee0a4acd Reduce a few calls to ACME server 
Ensure that when updating cert-manager Order CR's status from an existing ACME Order only one call will be made to retrieve the ACME Order

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-11-26 16:31:27 +00:00
irbekrm
e66c6a04d4 Fixes a typo in finalizeOrders 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-11-26 16:30:25 +00:00
irbekrm
7739497f22 Don't process Order CRs that have failed 
Ensure that cert-manager does not attempt to create new ACME Orders for cert-manager Order CRs that are in failed (errored, invalid or expired) state. If the CertificateRequest was created from a Certificate, the issuance will be retried after 1 hour

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-11-23 15:34:35 +00:00
irbekrm
598ed35e4a Uses go/crypto ListCertAlternates function to fetch alternative certificate chains 
This allows us to use upstream go/crypto again instead of our own fork

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-10-07 15:21:26 +01:00
irbekrm
06f6b46f30 Implements feedback from code review 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-05-19 13:20:05 +01:00
irbekrm
bbfd2294f9 Integration test for ACME Orders controller 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-05-19 13:11:48 +01:00
irbekrm
1e235c79f2 Re-queue Order with finalized Challenges, but pending state 
To avoid stuck Orders in case of a misbehaving ACME server

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-05-19 13:05:44 +01:00
jetstack-bot
06b68d35e0
Merge pull request #3835 from RinkiyaKeDad/3620_constants_in_eventf 
chore: used constants for string literals when recording new events
 2021-04-13 15:14:11 +01:00
RinkiyaKeDad
0b87eeae97 added reason prefix for all 
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
 2021-04-13 16:40:56 +05:30
RinkiyaKeDad
bba7c1011d added prefix and made constants public 
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
 2021-04-08 12:17:15 +05:30
RinkiyaKeDad
ab912ef120 chore: added constants for non repeating ones also 
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
 2021-04-01 15:46:54 +05:30
joshvanl
18ae2295f9 Pass context through to client calls in controllers and acme issuer 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-31 20:34:12 +01:00
Salman
572bfb9111 Replace reflect.DeepEqual with semantic equality check 
Signed-off-by: salmanahmed404 <salmanahmed404@gmail.com>
 2021-03-27 12:49:14 +05:30
Maartje Eyskens
ab0cd57dc5 Use The cert-manager Authors. 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-12-11 19:04:13 +01:00
Maartje Eyskens
1788a9d758 Update copyright to cert-manager project 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-12-08 19:04:49 +01:00
Maartje Eyskens
04d88479e4 Pass duration on until ACME order creation 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-11-20 09:46:49 +01:00
Maartje Eyskens
7b6573aa35 Add duration into ACME 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-11-20 09:45:32 +01:00
Mateusz Gozdek
27fa2f1ec4
Fix various typos found by codespell 
Found by running this command:

codespell -S .git,*.png,go.sum -L keypair,iam,ans,unknwon,tage,ths,creater

Signed-off-by: Mateusz Gozdek <mgozdekof@gmail.com>
 2020-11-07 14:55:13 +01:00
Maartje Eyskens
39de7f3b99 Fix IP type 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-10-08 15:24:56 +02:00
Maartje Eyskens
b3e25815a5 Add support for IPs in ACME 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-10-08 15:24:56 +02:00
Maartje Eyskens
90d6a54151 Add support for alternate certs with PrefferedChain in ACME 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-21 17:56:26 +02:00
Richard Wall
821d824cc2 Revert renaming of CSR > Request in comments and in error messages 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-08-20 14:28:07 +01:00
Richard Wall
a70298180a Run a script to update v1alpha2 usage to v1 
Script is available at https://github.com/jetstack/cert-manager/pull/3201

Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-08-20 14:26:51 +01:00
Maartje Eyskens
3259fdfe9b Implement feedback 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-12 10:59:42 +02:00
Maartje Eyskens
827ce9c5ad Revert log levels on errors 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-12 10:59:42 +02:00
Maartje Eyskens
86dee5ed41 Set error log levels 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-12 10:59:41 +02:00
Maartje Eyskens
fecd0b3518 Set all log levels for info 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-12 10:59:41 +02:00
James Munnelly
09d5121713 Update acmeorders controller for new field type 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-07-06 16:25:46 +01:00
JoshVanL
92eb8d0957
Refactor controllers to use new instrumented metrics that's baked into 
all controllers

Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
 2020-05-18 17:43:56 +01:00
James Munnelly
b126a0c0e5 Use acme AccountRegistry throughout and tidy up ACME setup code 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-05-13 13:14:46 +01:00
James Munnelly
982b21bb06 Fix bug that could lead to validation to fail when attempting to update immutable field 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-05-01 12:33:14 +01:00
James Munnelly
3e8649abc2 Handle ACME orders with already valid authorizations upon first fetch through new 'initialState' field 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-05-01 12:33:14 +01:00
James Munnelly
881b886049 Update Kubernetes API client call-sites 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-03-26 12:58:50 +00:00
James Munnelly
1f3b883cfd Don't overwrite order.status.url if return Order's URI is empty 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-12-03 16:49:31 +00:00
James Munnelly
641fe0da7c Switch to using upstream golang.org/x/crypto 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-12-03 16:49:31 +00:00
James Munnelly
56b1fdd379 Make ACMEAuthorization.Wildcard a *bool 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-10-15 12:35:11 +01:00
James Munnelly
ef55bd5807 Mark Order & Challenge resources as Errored if 4xx error is received 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-10-11 09:30:17 +01:00
James Munnelly
9a807be80a Fix not returning updateErr if updating status failed 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-10-02 14:09:24 +01:00
James Munnelly
8bf08237f7 Migrate acmechallenges and acmeorders to use UpdateStatus 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-10-02 12:38:29 +01:00
JoshVanL
b6803a2185 Fully update challenge and order in controller sync instead of UpdateStatus 
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
 2019-09-30 13:47:51 +01:00
JoshVanL
94d077a5fb Adds status sub resource and changes updates 
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
 2019-09-30 13:47:50 +01:00
James Munnelly
2868b4a7b7 Update pkg/controllers 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-09-23 10:07:53 +01:00
James Munnelly
58754abf37 Refactor codebase for v1alpha2 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-09-20 16:22:43 +01:00
James Munnelly
20840b552d Remove deprecated code from acmeorders controller 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-09-19 13:07:59 +01:00
James Munnelly
ab06335078 Mark Order as failed if invalid data is returned from ACME server 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-09-10 14:46:55 +01:00