weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
7,318 Commits 45 Branches 0 Tags 96 MiB
0c8aa75b18
Commit Graph

7318 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
irbekrm
0c8aa75b18 Corrects test Gateway resources 
TLS block is only valid for TLS listeners

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2022-12-05 15:05:45 +00:00
irbekrm
9709833bb6 Removes unused check 
current cert-manager version no longer supports Kubernetes 1.19

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2022-12-05 15:04:18 +00:00
irbekrm
75e2d1145a Updates Gateway API test dependency 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2022-12-05 15:04:18 +00:00
irbekrm
608c3a1df0 Bumps Contour Helm chart version 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2022-12-05 15:04:18 +00:00
irbekrm
bc70233256 Tests download Gateway installation bundle 
Rather than whole gateway git repo

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2022-12-05 15:04:18 +00:00
irbekrm
486c72f122 Update reference to HTTPRoute docs 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2022-12-05 15:04:18 +00:00
jetstack-bot
6ec8da3366
Merge pull request #5583 from lvyanru8200/uodateGwVerison 
feature: update gateway api to v1beta1
 2022-12-05 14:52:48 +00:00
lv
a13c76d312 feature: update gateway api to v1beta1 
Signed-off-by: lvyanru <yanru.lv@daocloud.io>

feature: update gateway api to v1beta1

Signed-off-by: lvyanru <1113706590@qq.com>
 2022-12-05 14:03:21 +00:00
jetstack-bot
3ed4621c02
Merge pull request #5613 from mmontes11/master 
Return error when Gateway has a cross-namespace secret ref
 2022-12-05 10:28:16 +00:00
Martín Montes
f884dac555 Return error when Gateway has a cross-namespace secret ref 
Signed-off-by: Martín Montes <martin11lrx@gmail.com>
 2022-12-01 12:46:33 +01:00
jetstack-bot
77c410f5cb
Merge pull request #5570 from weisdd/feature/azure-workload-identity 
feat(AzureDNS): Add support for Workload Identity
 2022-11-30 18:00:32 +00:00
jetstack-bot
f85c8c98cb
Merge pull request #5605 from SgtCoDFish/normmake 
Use distinct manifest dirs for signed / unsigned manifests
 2022-11-29 17:32:25 +00:00
Ashley Davis
4d12251fa7
Use distinct manifest dirs for signed / unsigned manifests 
This avoids a race condition with the `release-manifests` and
`release-manifests-signed` targets.

When running in parallel, one could execute `rm -rf
$(BINDIR)/scratch/manifests` while the other was running.

This could also conceivably have led to incorrectly packaged
manifests when both were run in parallel.

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-11-29 16:14:59 +00:00
jetstack-bot
43e13bfa0d
Merge pull request #5587 from SpectralHiss/SpectralHiss/add-fields-to-subject-rdn 
Add support for required LDAP (rfc4514) RDNs in LiteralSubject
 2022-11-29 15:19:25 +00:00
Houssem El Fekih
d56c51092a Add boilerplate comment 
Signed-off-by: SpectralHiss  <houssem.elfekih@jetstack.io>
 2022-11-29 14:47:50 +00:00
Houssem El Fekih
182275ed44 Add error case + list all supported OIDs in cannonical order 
Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>
 2022-11-29 14:38:24 +00:00
Houssem El Fekih
410ac12c02 Make test assertion more specific to slice, need to verify ordering of rdns 
Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>
 2022-11-29 09:55:19 +00:00
Houssem El Fekih
c7952fd054 e2e test confirming LDAP rdn literalsubject in generated certificate 
* Enabled feature flag for literalsubject in e2e test runner
* Added "happy path" test

Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>
 2022-11-28 21:56:00 +00:00
Igor Beliakov
df20fcd3e4 chore(AzureDNS): added more comments as requested by @wallrj 
Signed-off-by: Igor Beliakov <demtis.register@gmail.com>
 2022-11-24 22:42:18 +01:00
jetstack-bot
d85e424cd0
Merge pull request #5591 from wallrj/fix-vault-namespace-rjw 
Set the Vault namespace using vault SDK client methods instead of using raw request object
 2022-11-23 11:34:54 +00:00
Richard Wall
75b2ba12dc Test that the Sign function *does* use the Vault namespace 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2022-11-23 10:40:59 +00:00
Richard Wall
e1740afedf Recreate the original behaviour of sending a Vault token to the unauthenticated sys/health endpoint. 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2022-11-23 10:40:59 +00:00
Richard Wall
6b2c3b5295 Remove unused Token method 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2022-11-22 17:41:49 +00:00
Richard Wall
23437dfbbc Remove unused Sys methods 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2022-11-22 17:41:49 +00:00
Richard Wall
51ac6fe181 Test 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2022-11-22 17:41:49 +00:00
Richard Wall
6e05f43f8e Set the Vault namespace using the official method in the vault SDK 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2022-11-22 17:29:58 +00:00
Houssem El Fekih
8af2d64f3b Gofmt files 
Signed-off-by: Houssem El Fekih <houssem.elfekih@jetstack.io>
 2022-11-18 10:55:56 +00:00
Houssem El Fekih
f41cf33efe Add support for required LDAP (rfc4514) RDNs in LiteralSubject 
* Add OID translation for mandatory DC component
* Used extensively in LDAP certificates, also required by rfc5280
* Add support for UID, mentioned in LDAP RFC
* solves https://github.com/cert-manager/cert-manager/issues/5582

Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>
 2022-11-18 10:22:39 +00:00
Igor Beliakov
964f4bbd8d feat(AzureDNS): add a test for federated SPT 
Signed-off-by: Igor Beliakov <demtis.register@gmail.com>
 2022-11-17 17:42:05 +01:00
jetstack-bot
2884bee3f8
Merge pull request #5584 from lvyanru8200/chartchange 
fix: featureGates add webhook deployment in chart yaml
 2022-11-17 16:20:50 +00:00
lv
bf2db73f71 fix: featureGates add webhook deployment in chart yaml 
Signed-off-by: lvyanru <1113706590@qq.com>
 2022-11-17 22:11:57 +08:00
jetstack-bot
7df63ae94b
Merge pull request #5546 from cmcga1125/5295 
Adding support to elevate acme-solver pod to root during testing
 2022-11-16 17:37:24 +00:00
Corey McGalliard
7e6e0940a2 updating to match feedback and adjust the RunAsNonRoot options for http01 solver to be more descriptive 
Signed-off-by: Corey McGalliard <cmcgalliard@redventures.com>
 2022-11-16 11:20:36 -05:00
jetstack-bot
95dc198cd6
Merge pull request #5571 from inteon/cleanup_csr_generation 
Improve gen.CSR and use it in all tests
 2022-11-15 14:08:44 +00:00
Tim Ramlot
c0dc705c24
fail in case of invalid IP address 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2022-11-14 09:11:23 +01:00
jetstack-bot
6c5189c916
Merge pull request #5573 from SgtCoDFish/basicConstraintsExt 
Enable basicConstraints feature in e2e environments by default
 2022-11-10 17:24:47 +00:00
Ashley Davis
d2aab5f0d3
enable basicConstraints feature in e2e environments by default 
Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-11-10 13:47:30 +00:00
jetstack-bot
4ffd6213e7
Merge pull request #5552 from sathyanarays/isCaFix 
Fixing CA flag in basic constraints extension
 2022-11-10 13:37:47 +00:00
Sathyanarayanan Saravanamuthu
860ba8465a Addressing review comments 
Signed-off-by: Sathyanarayanan Saravanamuthu <sathyanarays@vmware.com>
 2022-11-10 14:27:26 +05:30
Tim Ramlot
b999749854
improve gen.CSR and use it everywhere 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2022-11-10 09:21:31 +01:00
jetstack-bot
766f25ff27
Merge pull request #5568 from wallrj/renegotiate-once 
Use RenegotiateOnceAsClient in the Venafi Issuer client and explain why
 2022-11-10 07:46:47 +00:00
Richard Wall
df42b81326 Fix typos in explanatory comment 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2022-11-09 17:50:27 +00:00
Richard Wall
1f1ed47c2a Always initialize tlsClientConfig if the default is nil 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2022-11-09 17:45:52 +00:00
Richard Wall
218cdb7e0f Use RenegotiateOnceAsClient and explain why 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2022-11-09 17:25:31 +00:00
Igor Beliakov
efae037cec chore(Azure): improve naming, add comments 
Signed-off-by: Igor Beliakov <demtis.register@gmail.com>
 2022-11-09 17:33:28 +01:00
jetstack-bot
d06ebdf3b5
Merge pull request #5555 from thib-mary/feat/add-label-webhook-config 
feat: add commonLabels on webhook configmap
 2022-11-08 14:46:36 +00:00
jetstack-bot
ff273ec337
Merge pull request #5562 from SgtCoDFish/trivyaws 
Fix x/text vuln and ignore AWS vuln
 2022-11-08 14:12:37 +00:00
jetstack-bot
77530cef33
Merge pull request #5559 from SgtCoDFish/bumpgo 
Bump to latest go minor version to fix vulns
 2022-11-07 15:43:10 +00:00
Ashley Davis
b8e51bc24c
fix x/text vuln and ignore AWS vuln 
Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-11-07 13:32:31 +00:00
Ashley Davis
96e500f189
bump to latest go minor version to fix vulns 
Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-11-07 11:11:11 +00:00