weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
7,151 Commits 45 Branches 0 Tags 96 MiB
00a20097b6
Commit Graph

1112 Commits

Author SHA1 Message Date
Nils Mueller
00a20097b6 Add option to load Vault CA bundle from Kubernetes Secret 
Vault distributions like "Bank Vaults" automatically configure
and provision Vault and provide the CA bundle via a Kubernetes
Secret. Having to hard-code the bundle in the Issuer instead
of dynamically referencing it through the Secret requires
a manual second step when using a GitOps workflow.

Signed-off-by: Nils Mueller <nm@impactful.it>
 2022-08-15 03:10:51 +03:00
Joakim Ahrlin
1501449e3e use GenerateName instead 
Signed-off-by: Joakim Ahrlin <joakim.ahrlin@gmail.com>
 2022-08-09 12:41:31 +02:00
Joakim Ahrlin
de0f39e553 add random suffix to webhooks in CA Injector e2e tests 
Signed-off-by: Joakim Ahrlin <joakim.ahrlin@gmail.com>
 2022-08-08 12:52:52 +02:00
jetstack-bot
07677c57bc
Merge pull request #5366 from munnerz/privatekey-regen-test 
Ensures CertificateRequests marked as 'InvalidRequest' are properly handled as failures & retried
 2022-08-05 16:23:30 +01:00
James Munnelly
ddc19a1c57 Fix comment 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-08-05 15:52:52 +01:00
jetstack-bot
88bda66693
Merge pull request #5345 from inteon/ginkgo_v2 
Upgrade to Ginkgo v2
 2022-08-04 21:06:15 +01:00
James Munnelly
2de5135e18 Fix test flake 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-08-04 14:15:49 +01:00
James Munnelly
e62bfaf367 Add test to check InvalidRequest handling for certificates 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-08-04 12:21:41 +01:00
James Munnelly
51014e5752 Add integration test for regenerating private key for each CR upon failure 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-08-04 12:21:41 +01:00
James Munnelly
099a52ffe3 integration framework: add StartInformersAndControllers 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-08-04 12:21:41 +01:00
Tim Ramlot
a8743628a4 only print Helm install output on error 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2022-08-04 10:21:27 +00:00
Tim Ramlot
501277bb62 bugfix ginkgo: make tests deterministic, don't use maps to define testCases 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2022-08-04 10:16:29 +00:00
Tim Ramlot
9897f2355c upgrade ginkgo to v2 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2022-08-04 10:16:29 +00:00
Tim Ramlot
93caba980e apply go fmt for go1.19 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2022-08-04 09:51:57 +00:00
Tim Ramlot
f6a381d247 replace 'github.com/onsi/ginkgo' with 'github.com/onsi/ginkgo/v2' 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2022-08-03 15:28:23 +00:00
Ashley Davis
d53689c181
remove straggling BUILD.bazel file 
Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-08-01 09:40:58 +01:00
Ashley Davis
fb231ab641
Remove bazel 🎉 
This removes all .bazel and .bzl files, and a bunch of scripts relating
to bazel, now that it's been entirely replaced.

There are still a few places where traces could be removed, but this
removes the brunt of the bazel stuff that remains.

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-07-26 11:38:50 +01:00
joshvanl
1f2ba6d7f7 Update the approval e2e tests so that transient client request errors 
are retried, and correctly check the error returned is expected when
appropriate.

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-07-20 16:31:11 +01:00
jetstack-bot
519d4dd803
Merge pull request #5318 from JoshVanL/test-e2e-flake-secret-template 
E2E test flakes: SecretTemplate
 2022-07-20 13:37:13 +01:00
joshvanl
9118c112e3 Adds on conflict retries to certificate state change in the 
SecretTemplate e2e test setups

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-07-20 12:21:29 +01:00
joshvanl
43223a1863 Adds on conflict retries to certificate state change in the 
additionaloutputformat e2e test setups

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-07-20 11:42:43 +01:00
James Munnelly
09e42e10db Retry update on conflicts during SecretTemplate tests to avoid test flakes 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-07-11 14:13:21 +01:00
Joe Bowbeer
1dc252e27e update kyverno version and policy 
Signed-off-by: Joe Bowbeer <joe.bowbeer@gmail.com>
 2022-07-06 10:11:37 -07:00
joshvanl
328ea2b632 Change all scripts #!/bin/bash -> #!/usr/bin/env bash. Also changes same 
for Makefile SHELL

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-07-04 14:49:34 +01:00
jetstack-bot
5a4e7654d4
Merge pull request #5097 from lucacome/bump-k8s-deps 
Bump k8s.io dependencies
 2022-07-04 14:44:45 +01:00
Luca Comellini
aaa513de00
Bump k8s.io dependencies 
Signed-off-by: Luca Comellini <luca.com@gmail.com>
 2022-06-30 15:16:14 -07:00
Ashley Davis
ca35696244
add make-based upgrade test 
This uses cmctl instead of kubectl_cert-manager, uses make instead of
bazel and fixes an incorrect container name in
test/fixtures/upgrade/overlay/cainjector-ops.yaml

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-06-30 22:35:39 +01:00
oGi4i
cb2cabb06f
Add private key Ingress annotations to set private key properties for Certificate 
Signed-off-by: oGi4i <das.ogi4i@gmail.com>
 2022-06-28 17:45:08 +03:00
jetstack-bot
bbf2b58a5e
Merge pull request #5187 from irbekrm/cleanup_kind_config 
Clean up kind config
 2022-06-21 16:22:48 +01:00
oGi4i
3148b17fa5
Add revision history limit Ingress annotation to set field on the Certificate 
Signed-off-by: oGi4i <das.ogi4i@gmail.com>
 2022-06-21 15:12:09 +03:00
Joakim Ahrlin
9f43ca2cce update boilerplate headers 
Signed-off-by: Joakim Ahrlin <joakim.ahrlin@gmail.com>
 2022-06-14 12:55:33 +02:00
Joakim Ahrlin
de08109be0 add VerifyCredentials to Venafi issuers setup 
Signed-off-by: Joakim Ahrlin <joakim.ahrlin@gmail.com>
 2022-06-14 12:26:38 +02:00
Alessandro Vermeulen
1da01211ee Feature gated support for using literal subjects in Certificates 
Signed-off-by: Alessandro Vermeulen <alessandro.vermeulen@ing.com>
 2022-06-08 20:50:00 +02:00
irbekrm
bd842caabe Removes unused kind config 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2022-06-08 17:40:09 +01:00
irbekrm
3ff5dc26ef Removes installation of pre-kubernetes 1.19 compat ingress 
As we no longer need to support Kubernetes 1.19

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2022-06-08 13:25:42 +01:00
irbekrm
289d082fbd Removes the unused traefik and haproxy addons config 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2022-06-08 13:08:08 +01:00
Richard Wall
557d14a0cd Refactor the update and updateStatus to a single deferred function 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2022-05-12 16:51:30 +01:00
irbekrm
ac956abb0c Fix CR approve/deny e2e test for kube 1.24 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2022-05-10 12:07:29 +01:00
jetstack-bot
4ec33298a2
Merge pull request #5081 from wallrj/3640-cleanup 
Challenge cleanup improvements
 2022-05-05 11:19:28 +01:00
Irbe Krumina
1d917ef311 Revert "Use Apply instead of Update to modify resources in tests" 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2022-05-03 11:31:47 +01:00
Richard Wall
6a4fffbedc Test that the cleanup is performed 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2022-04-29 17:51:34 +01:00
irbekrm
58b633aa04 Code review feedback 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2022-04-29 12:42:41 +01:00
irbekrm
030ee91f5e Integration tests use SSA instead of Update to update test resources 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2022-04-28 14:51:19 +01:00
irbekrm
d6e684bc8a e2e tests use SSA to update test resources 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2022-04-28 14:49:30 +01:00
lonelyCZ
53d8a07397 Add a unit test for challenges reScheduler 
Signed-off-by: lonelyCZ <531187475@qq.com>
 2022-04-08 14:35:41 +08:00
joshvanl
8ebedac654 Fix challenge serialization, and add integration tests for apply helpers 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-04-01 11:53:44 +01:00
joshvanl
fa411f187d Fix golang linting 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-03-29 13:59:10 +01:00
joshvanl
c54451092e Adds integration tests for owner reference post issuance checks 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-03-29 13:54:27 +01:00
Maël Valais
2205bafef5 e2e: WaitForAllPodsRunningInNamespaceTimeout: %s missing value in logs 
Signed-off-by: Maël Valais <mael@vls.dev>
 2022-03-29 10:54:26 +02:00
Maël Valais
be093559cb e2e: raise slightly the timeouts so that ginkgo -nodes 20 works 
Moving from -nodes 10 to -nodes 20 has lowered the e2e time from 35 to
30 minutes on n1-standard-8 with a request (for the prow job pod) of
3500m (the memory limit of 12Gi is never reached).

Signed-off-by: Maël Valais <mael@vls.dev>
 2022-03-29 10:45:08 +02:00