weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
733 Commits 45 Branches 0 Tags 96 MiB
0a960d46b2
Commit Graph

203 Commits

Author SHA1 Message Date
James Munnelly
0a960d46b2 Fix bug in issue method preventing cert issuance 2018-04-12 16:50:03 +01:00
James Munnelly
70dde521a1 Set status conditions on validation success. Call WaitOrder instead of GetOrder in issue. 2018-04-11 23:30:54 +01:00
James Munnelly
336d01ac4a Update dns util tests 2018-04-11 19:39:36 +01:00
James Munnelly
ef51483cbc
Merge pull request #5 from redbaron/acmev2-upstream 
Fixes for ACME client http transport
 2018-04-11 14:30:28 +01:00
James Munnelly
4a79203633 Run gofmt 2018-04-11 13:22:10 +01:00
Maxim Ivanov
c44a7552ea Check challenge before presenting it 
With async challenge Check, it is often happens,
that solver.Check() fails on first run after solver.Present()

Cert-manager then tries again, but starts with solver.Present(),
which not being idempotent right now fails on certain DNS providers.

This change swaps order of solver.Check() and solver.Present().
Check is not returning error if propagation not happened, it then
allows Present() to run.

In the current form, Present() will be spamming with errors,
but this doesn't stop Check from happening on every attempt,
so eventually Challenge can be verified and accepted. In the future,
Present() should be made idempotent.
 2018-04-11 11:27:23 +01:00
James Munnelly
ce441d604f Enable DNS01 provider tests using cloudflare 2018-04-10 00:27:52 +01:00
James Munnelly
857420fbd3 Use adler32 hash for acme http01 resource labels 2018-04-09 23:27:16 +01:00
James Munnelly
c83b479b2f Remove extra CreateOrder event 2018-04-09 21:29:31 +01:00
James Munnelly
1d52cbeec7 Remove unused strings and standardise event reasons 2018-04-09 21:26:38 +01:00
James Munnelly
d197817fa7 Improve error reporting and use of status conditions 2018-04-09 21:17:51 +01:00
James Munnelly
e8e6785e9a Immediately create a new order if old one has expired 2018-04-09 20:08:18 +01:00
James Munnelly
1485546ed5 Clear ACME order URL if FinalizeOrder fails with 4xx error 2018-04-09 20:02:26 +01:00
James Munnelly
9aa3bb52a3 Fix invalid json tags 2018-04-09 19:44:16 +01:00
James Munnelly
801d882c4b Only manually remove challenges on successful validation 2018-04-09 19:29:02 +01:00
James Munnelly
8f2bab6f05 Fix infinite loop in logger middleware 2018-04-09 19:09:46 +01:00
James Munnelly
5a434865ad Add acme client logger middleware 2018-04-09 19:06:41 +01:00
James Munnelly
ae3b4836b5 Clean up successful validations. Fix up failed validation handling. 2018-04-09 18:16:02 +01:00
James Munnelly
99d7a7b99a Fix ACME DNS provider unit tests 2018-04-09 17:57:33 +01:00
Maxim Ivanov
bd84b7c29c Make acme client transport to be closer to DefaultTransport 
Helps with things such as HTTP_PROXY env var handling
 2018-04-09 17:46:29 +01:00
James Munnelly
b934852775 Merge branch 'master' into acmev2 2018-04-09 16:52:34 +01:00
James Munnelly
f1b3b4b962 Update CA issuer witih changes to UpdateStatusCondition 2018-04-09 15:43:26 +01:00
James Munnelly
4b361348ef Rewrite ACME issuer to use new ACMEOrderChallenge struct 2018-04-09 15:40:32 +01:00
James Munnelly
3bde815cf2 Update DNS and HTTP provider to use challenge structs 2018-04-09 15:38:43 +01:00
jetstack-bot
9021767cb7
Merge pull request #432 from euank/jetstack/user-agent 
Plumb a user-agent through pretty much everywhere
 2018-04-09 11:14:31 +01:00
Euan Kemp
4e5a2d1646 issuer/dns/route53: append our user-agent 2018-04-06 18:09:17 -07:00
Euan Kemp
4d9b0e836e issuer/dns/akamai: set user-agent 2018-04-06 18:09:17 -07:00
Euan Kemp
34391f0726 issuer/dns/cloudflare: set user-agent 2018-04-06 18:09:17 -07:00
Euan Kemp
f122c9c9c2 issuer/acme: add a timeout to the http client 2018-04-06 18:09:17 -07:00
Euan Kemp
7f12fb346c issuer/acme: move 'user-agent' logic to util 
This logic should be shared by things like the aws client as well.
 2018-04-06 18:09:11 -07:00
Louis Taylor
0961e24174
Remove namespace from more places 2018-04-06 11:20:24 +01:00
James Munnelly
76f9f14357 Add TODO about cleaning up old authorization attempts 2018-04-05 00:17:03 +01:00
James Munnelly
838be2f54d Add getOrCreateOrder tests 2018-04-04 23:41:14 +01:00
James Munnelly
178a3a5eea Fix up bugs in unit testing framework 2018-04-04 23:40:44 +01:00
James Munnelly
8d3c2f2b25 Create 'getOrCreateOrder' function 2018-04-04 23:39:34 +01:00
James Munnelly
fde0a0010c Add missing GetOrder function to FakeACME 2018-04-04 23:38:19 +01:00
James Munnelly
211c60b449 Fix panic when an error occurs while creating an order 2018-04-04 23:38:03 +01:00
James Munnelly
f2ddd1d111 Change DNSNames/CommonNameForCertificate function to not return an error 2018-04-04 23:37:37 +01:00
jetstack-bot
acfc2f78d1
Merge pull request #322 from yieldlab/akamai-support 
Add ACME DNS-01 provider for Akamai FastDNS
 2018-04-04 18:26:22 +01:00
James Munnelly
6f71a8de57 Update comments 2018-04-04 18:16:01 +01:00
James Munnelly
7e663971fd Fix typo 2018-04-04 17:39:11 +01:00
James Munnelly
e87ff94458 Fix import paths and use util.AppVersion for user agent version 2018-04-04 12:42:21 +01:00
James Munnelly
798a07b0c8 Set a custom User-Agent on acme client 2018-04-04 12:39:44 +01:00
James Munnelly
da0d45e3f4 Use DialContext in ACMEClient round tripper 2018-04-04 12:30:33 +01:00
James Munnelly
bd58bd8bc6 Fix acme test fixture 2018-04-04 11:32:06 +01:00
James Munnelly
b0e65f84c7 Add TODO for domain label values 2018-04-04 11:30:15 +01:00
James Munnelly
01efbca114 Merge branch 'master' into acmev2 2018-04-04 11:27:37 +01:00
Jacob Hoffman-Andrews
8baac71058 Add a meaningful User-Agent. 2018-03-30 14:18:38 -07:00
jetstack-bot
95883c47dd
Merge pull request #363 from euank/nonstatic-aws-creds 
Allow non-static AWS credentials for Route 53, gated by "ambient credentials" flags
 2018-03-26 12:35:18 +01:00
Euan Kemp
faac0701ab issuer/route53: respect 'ambient' flag for region 
This notably results in the region being a required field if the
'ambient' option is not set for a given issuer.
 2018-03-24 14:16:33 -07:00