cert-manager

Author	SHA1	Message	Date
kit837	0f97e6d19d	pass in clock.Clock for better test Signed-off-by: kit837 <66801824+kit837@users.noreply.github.com>	2021-06-15 17:48:20 +00:00
kit837	228168cee9	Add clock_time_seconds metric Fixes: https://github.com/jetstack/cert-manager/issues/3730 Related: https://github.com/jetstack/cert-manager/pull/3746 Signed-off-by: kit837 <66801824+kit837@users.noreply.github.com>	2021-06-14 23:25:46 +00:00
irbekrm	118cfb6029	Remove the defaulting for renewBefore from fuzzer We now calculate this default at reneal time Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-06-11 15:35:46 +01:00
irbekrm	acd0a98bbb	Updates DefaultRenewBefore to state that it is deprecated Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-06-11 11:52:54 +01:00
irbekrm	67f14240eb	Update renewBefore descriptions Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-06-11 10:32:36 +01:00
irbekrm	e6b748047d	Remove the default renewBefore value Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-06-11 10:03:12 +01:00
joshvanl	abdd1f54fa	Fix CA CertificateSigningRequest controller to return potential error from updating failed status Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-06-07 17:48:49 +01:00
joshvanl	d4fd4f9acc	Move determining Issuer resource Kind into CSR/util Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-06-07 15:27:43 +01:00
joshvanl	1678d0833e	Reverts ACME issuer from forming a chain bundle and populating the ca.crt Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-06-02 12:21:50 +01:00
joshvanl	36bd7a459c	Changes CSR util signername to use if statements rather than switch Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-05-28 10:34:43 +01:00
joshvanl	acc5431f1b	Fix signernames to allow clusterissuers with dots in name Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-05-28 10:13:00 +01:00
joshvanl	9e1b0342d0	Updates with review comments Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-05-27 18:48:50 +01:00
joshvanl	60d5974115	Moves CertificateSigningRequest controller to feature gate flag Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-05-27 12:00:56 +01:00
joshvanl	e014b6655d	Use ca.crt with the CertificateSigningRequest CA controller Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-05-27 10:49:21 +01:00
joshvanl	62dee4783e	Adds CertificateSigningRequest CA Issuer controller as optional controller Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-05-27 00:32:24 +01:00
joshvanl	3b74c34089	Adds CertificateSigningRequest CA Issuer controller Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-05-27 00:25:02 +01:00
joshvanl	c5c206cace	Adds base CertificateSigningRequest cert-manager controller Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-05-27 00:23:50 +01:00
joshvanl	b38519fe66	Adds kube certificates v1 API utils Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-05-27 00:18:29 +01:00
joshvanl	1268a5426b	Adds experimental v1alpha1 API version Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-05-27 00:06:24 +01:00
irbekrm	0478bc5ee2	Updates duration and renewBefore field descriptions Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-05-25 12:56:55 +01:00
jetstack-bot	c7dade0fc5	Merge pull request #4036 from wallrj/3875-pod-security Enable runAsNonRoot by default	2021-05-21 18:53:26 +01:00
jetstack-bot	7eb301f74c	Merge pull request #4021 from irbekrm/deprecate_apis Deprecates old APIs	2021-05-21 18:30:32 +01:00
jetstack-bot	efd8b7a076	Merge pull request #3866 from jandersen-plaid/jandersen-plaid-make-orders-unique-to-controlling-cr Hash orders with the issuing certificate request to ensure unique hash	2021-05-21 17:34:25 +01:00
jandersen-plaid	b5fe7ecdca	Update pkg/controller/certificaterequests/acme/acme.go Co-authored-by: Ashley Davis <SgtCoDFish@users.noreply.github.com> Signed-off-by: Jack Andersen <jandersen@plaid.com>	2021-05-21 12:08:22 -04:00
jandersen-plaid	cd1d8a2788	Update pkg/controller/certificaterequests/acme/acme_test.go Co-authored-by: Ashley Davis <SgtCoDFish@users.noreply.github.com> Signed-off-by: Jack Andersen <jandersen@plaid.com>	2021-05-21 12:08:07 -04:00
jandersen-plaid	ed88ce6030	Update pkg/controller/certificaterequests/acme/acme_test.go Co-authored-by: Ashley Davis <SgtCoDFish@users.noreply.github.com> Signed-off-by: Jack Andersen <jandersen@plaid.com>	2021-05-21 12:07:40 -04:00
Richard Wall	d26caf578d	Use runAsNonRoot on the HTTP01 solver Signed-off-by: Richard Wall <richard.wall@jetstack.io>	2021-05-21 15:05:18 +01:00
jetstack-bot	d7571d3eaa	Merge pull request #4037 from SgtCoDFish/staticparty-ash Static Analysis Fixes from Static Analysis Party	2021-05-21 13:38:25 +01:00
jetstack-bot	c1d7dcf8b5	Merge pull request #4007 from edglynes/3904_v2_API Update Aka issuer to use v2 API	2021-05-21 12:34:25 +01:00
Ashley Davis	219a620871	static analysis fixes pkg/ctl/scheme.go:17:1: package comment should be of the form "Package ctl ..." pkg/issuer/acme/dns/acmedns/acmedns.go:43:2: var accountJson should be accountJSON pkg/issuer/acme/dns/acmedns/acmedns.go:50:43: func parameter accountJson should be accountJSON pkg/controller/certificates/trigger/policies/policies.go:57:1: comment on exported type Chain should be of the form "Chain ..." (with optional leading article) pkg/controller/ingress-shim/sync.go:36:2: package "github.com/jetstack/cert-manager/pkg/logs" is being imported more than once (ST1019) pkg/controller/ingress-shim/sync.go:37:2: other import of "github.com/jetstack/cert-manager/pkg/logs" Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2021-05-21 12:04:11 +01:00
Ashley Davis	333af8fd94	further static check fixes pkg/internal/apis/certmanager/validation/certificate_for_issuer_test.go:34:2 deadcode `defaultTestCrtName` is unused pkg/issuer/acme/dns/rfc2136/provider_test.go:42:23 errcheck Error return value of `server.Shutdown` is not checked pkg/issuer/acme/dns/rfc2136/provider_test.go:77:23 errcheck Error return value of `server.Shutdown` is not checked pkg/issuer/vault/setup.go:37:2 deadcode `messageVaultHealthCheckFailed` is unused pkg/issuer/venafi/client/request.go:143:5 gosimple S1023: redundant break statement pkg/logs/logs.go:68:8 errcheck Error return value of `fs.Set` is not checked the following fixes introduce a panic when the returned error is non-nil, which could be a breaking change but was deemed to be worth it pkg/webhook/server/server.go:58:30 errcheck Error return value is not checked pkg/webhook/server/server.go:59:25 errcheck Error return value is not checked Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2021-05-21 12:04:05 +01:00
Ashley Davis	c67c2c4f47	static analysis: pkg/controller fixes the following issues: pkg/controller/acmeorders/util.go:84:6 deadcode `hashChallenge` is unused pkg/controller/certificaterequests/approver/approver.go:72:14 staticcheck SA4021: x = append(y) is equivalent to x = y pkg/controller/certificaterequests/vault/vault_test.go:535:21 errcheck Error return value of `controller.Register` is not checked pkg/controller/certificates/trigger/policies/policies.go:121:26 gosimple S1039: unnecessary use of fmt.Sprintf pkg/controller/clusterissuers/sync_test.go:55:12 errcheck Error return value of `c.Register` is not checked pkg/controller/ingress-shim/sync.go:301:2 gosimple S1005: unnecessary assignment to the blank identifier Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2021-05-21 12:03:47 +01:00
irbekrm	e1dff85cad	Feedback from code review Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-05-21 12:03:47 +01:00
irbekrm	17728b8437	Handle cert renewal when renewalBefore slightly less than cert duration correctly Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-05-21 12:03:47 +01:00
irbekrm	6aad7507b9	Feedback from code review Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-05-21 10:51:14 +01:00
irbekrm	a357d3d3e3	Handle cert renewal when renewalBefore slightly less than cert duration correctly Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-05-20 20:23:25 +01:00
irbekrm	6c4d819d1d	Determine requested API version from RequestKind (code review feedback) Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-05-20 15:29:51 +01:00
jetstack-bot	e30dae687a	Merge pull request #3860 from jsoref/spelling-commitment Deprecate UsageContentCommittment and improve public comments	2021-05-20 11:09:52 +01:00
jetstack-bot	85c943ffc2	Merge pull request #4018 from kmodules/jp Use gomodules.xyz/jsonpatch instead of mattbaird/jsonpatch	2021-05-19 18:57:51 +01:00
Josh Soref	64fb1ebc91	Deprecate UsageContentCommittment Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>	2021-05-19 12:40:10 -04:00
irbekrm	06f6b46f30	Implements feedback from code review Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-05-19 13:20:05 +01:00
irbekrm	bbfd2294f9	Integration test for ACME Orders controller Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-05-19 13:11:48 +01:00
irbekrm	d8c941da8e	Refactors creation of ACME Orders controller So that it easier used with the existing test framework and also is more similar to how most other controllers are created Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-05-19 13:11:18 +01:00
irbekrm	8d55b69796	Unit test pending ACME order with valid challenges Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-05-19 13:06:12 +01:00
irbekrm	8d5023a72d	Add a fake scheduler To allow for testing whether an item gets re-queued in unit tests Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-05-19 13:05:59 +01:00
irbekrm	1e235c79f2	Re-queue Order with finalized Challenges, but pending state To avoid stuck Orders in case of a misbehaving ACME server Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-05-19 13:05:44 +01:00
irbekrm	a42771b7e4	Adds a bunch of comments for exported types Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-05-19 10:19:43 +01:00
irbekrm	f5aa3cffd1	Removes an unnecessary newline after package comment Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-05-19 10:17:57 +01:00
irbekrm	2bb707a1ce	Remove a redundant return statement Part of work towards fixing errors shown by static analysis tools Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-05-19 10:17:38 +01:00
irbekrm	2cce594de1	Don't compare two booleans Part of work towards fixing errors shown by static analysis tools Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-05-19 10:17:18 +01:00

1 2 3 4 5 ...

2424 Commits