weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
6,442 Commits 45 Branches 0 Tags 96 MiB
07a0171e98
Commit Graph

6442 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
James Munnelly
07a0171e98 Use regular discovery client instead of cache 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:56:50 +00:00
James Munnelly
5d6be6a639 Add tests for resourcevalidation plugin 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:56:50 +00:00
James Munnelly
31244942d1 Call ServerGroups when initializing discovery 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:56:50 +00:00
James Munnelly
d03d98967d Fix webhook kubernetes config in integration tests 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:56:50 +00:00
James Munnelly
e13c879681 Remove old handlers & admission plugins 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:56:50 +00:00
James Munnelly
708de3c580 webhook: use new admission-plugin backed validation and mutation handlers 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:56:46 +00:00
James Munnelly
9583050538 Add admission plugins for APIDeprecation, CertificateRequestApproval&Identity, ResourceValidation 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:55:44 +00:00
James Munnelly
dd560bca6a Add internal webhook package that uses new admission chain 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:55:43 +00:00
James Munnelly
572aecd48d Add webhook admission package to implement admission control in a clearer manner 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:54:18 +00:00
jetstack-bot
eb0d4ad276
Merge pull request #4759 from jsoref/simplify-successfully-migrated-message 
Simplify successfully migrated message
 2022-01-19 09:09:57 +00:00
Josh Soref
562e40ba2e
Simplify successfully migrated message 
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
 2022-01-18 14:43:42 -05:00
jetstack-bot
0ca1ce9a6a
Merge pull request #4751 from JoshVanL/apis-internal-remove-json-tags 
Remove json tags from internal API types.
 2022-01-18 15:32:57 +00:00
joshvanl
c18571a78d Remove json tags from internal API types. 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-18 14:04:53 +00:00
jetstack-bot
0b686b8f38
Merge pull request #4753 from SgtCoDFish/kubebuildertools 
Add kubebuilder tools in make for integration tests
 2022-01-18 13:29:05 +00:00
jetstack-bot
051a763ee5
Merge pull request #4638 from JoshVanL/controllers-certificates-secret-template 
SecretTemplate reconciliation. SecretManager Apply
 2022-01-18 13:28:57 +00:00
jetstack-bot
37411c8c3d
Merge pull request #4736 from SgtCoDFish/movefuzz 
Move integration tests to test/integration
 2022-01-18 12:53:04 +00:00
jetstack-bot
e2aede44c7
Merge pull request #4731 from DiptoChakrabarty/lint 
add go linters fixes within codebase
 2022-01-18 12:52:57 +00:00
jetstack-bot
5a0c4096cf
Merge pull request #4719 from munnerz/fixup-upgrade-migrate 
Reword log messages in the 'cmctl upgrade migrate-api-version' command
 2022-01-18 11:30:57 +00:00
DiptoChakrabarty
ba9dccb26d fix comments in consts 
Signed-off-by: DiptoChakrabarty <diptochuck123@gmail.com>
 2022-01-18 10:04:58 +05:30
jetstack-bot
8dc603e7f5
Merge pull request #4756 from SgtCoDFish/versionchecker 
Fix manual invocation of versionchecker testdata fetch
 2022-01-17 18:25:03 +00:00
Ashley Davis
6429b65235
fix manual invocation of versionchecker testdata fetch 
Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-01-17 17:41:43 +00:00
jetstack-bot
4cbfd2e9a5
Merge pull request #4755 from SgtCoDFish/e2e_build_tag 
Add a build tag for the e2e test only
 2022-01-17 17:13:03 +00:00
Ashley Davis
f2d8a33dd7
Add a build tag for the e2e test only 
This was initially part of #4565 which was closed in favour of moving
integration tests, but the consensus was that the e2e test is a special
case.

The e2e test requires so much more ahead-of-time setup that our bazel
build flow special cases it by marking it manual. This is a `go test`
equivalent to that, which enables the e2e test to remain under the test/
directory while still allowing `go test ./test/...` to work generally
for all other tests.

We'll add make targets for the e2e tests down the road. For now, we add
the build tag and define it in bazel so this commit should be a no-op
in effect.

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-01-17 15:32:30 +00:00
joshvanl
419ff43312 Add more context to SecretCertificateAnnotations 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 15:15:39 +00:00
jetstack-bot
3df769081d
Merge pull request #4752 from JoshVanL/controller-certificates-additional-output-format-skip-test 
Don't run AdditionalOutputFormats e2e test if the feature gate is not enabled
 2022-01-17 14:39:04 +00:00
Ashley Davis
74841280ed
add kubebuilder tools in make for integration tests 
Note that darwin/arm64 has to be special cased currently because of a
lack of official support for that platform in upstream etcd and
kube-apiserver. We instead install the amd64 versions, which is what
we did for bazel.

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-01-17 12:04:53 +00:00
joshvanl
b6ae0af775 Don't run AdditionalOutputFormats e2e test if the feature gate is not 
enabled

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:55:50 +00:00
joshvanl
ee3cc828a9 Ensure the SecretTemplate matching is aware of the base annotations set 
on the Secret

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:41:24 +00:00
joshvanl
5019aaacfc Update SecretTemplate API comments to highlight that annotations are 
appended to base annotations

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:40:13 +00:00
joshvanl
38084fb719 Update secret manager to include additional output formats 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:40:12 +00:00
joshvanl
b6e499a317 Fix comment and add comment about forcing apply 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
196d0011ca Remove SecretTemplate controller and move logic into issuing controller 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
735e72205e Adds integration test for SecretTemplate controller 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
3d3a922e9f Remove non-existing feature gate from install scripts 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
162519869e Updates CRD with new secret template comment 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
501a9c4215 Adds secret template controller as a default controller 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
b13e4d4531 Update unit test package for secret manager unit tests, adds user agent 
to integration tests

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
64d78c6e10 Update certificates controller with new secret manager signatures and 
tests

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
c5f101525c Update certificates controller secrets manager since feature gate is 
removed

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
86ae0545d2 Update SecretTemplate API comments with new behaviour. 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
7a4be1edfd Copy across an existing secret type in secrets manager since that field 
is immutable.

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
a56b6a8596 Fix CA injector test to only create a Secret of type kubernetes.io/tls 
since that field is immutable, and shouldn't change from Opaque

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
95ee9ee031 Force apply secrets manager if a field has a conflict with the owner 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
5660b80888 Gix golang references to feature gate package 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
a9bd3f37dc Use feature gate shared map for determining whether secret template 
tests should run

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
d6fb5138f2 Re-add crd-certificates.yaml 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
81b164289a Fixes spelling in e2e test 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
af360ee9b3 Fix some test func names and some comments. Replaces DeDuplicate in 
SecretTemplate controller to use sets.Strings. Removes DeDuplicate func

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
ebc4cba48c Make secretsmanager if statement blocks prettier 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
54c00afb13 Fix comments in secretsmanager 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00