weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
4,082 Commits 45 Branches 0 Tags 96 MiB
1adfe16690
Commit Graph

367 Commits

Author SHA1 Message Date
James Munnelly
cbe5f5dfb5 generated files 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-06-23 16:23:42 +01:00
Maartje Eyskens
b9be71c6a3 Add new line to clairify podLabels <-> podDNS 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-06-03 10:26:03 +02:00
jetstack-bot
bd5cd5169b
Merge pull request #2858 from FairwindsOps/sudermanjr/helm-chart-container-security-context 
Fix #2849 Add container security context to helm chart deployments
 2020-05-23 10:09:54 +01:00
Andrew Suderman
21105897d7
Apply review suggestions 
Signed-off-by: Andrew Suderman <andrew@sudermanjr.com>
 2020-05-05 09:57:26 -06:00
Andrew Suderman
2802e4837d
Adding BAZEL file to helmignore so that I can run helm template 
Signed-off-by: Andrew Suderman <andrew@sudermanjr.com>
 2020-05-05 09:49:42 -06:00
Maartje Eyskens
51a19b9c0e Change link in the Helm Hub readme 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-05-04 10:51:55 +02:00
James Munnelly
3e8649abc2 Handle ACME orders with already valid authorizations upon first fetch through new 'initialState' field 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-05-01 12:33:14 +01:00
Ryan Belgrave
f8851311e8
more readme fixes 
Signed-off-by: Ryan Belgrave <ryan@belgrave.me>
 2020-04-30 08:44:39 -05:00
Ryan Belgrave
05dd8a3c75
fix readme copy paste errors 
Signed-off-by: Ryan Belgrave <ryan@belgrave.me>
 2020-04-30 08:02:35 -05:00
Andrew Suderman
d85620a523
Fix #2849 Add container security context to helm chart deployments 
Signed-off-by: Andrew Suderman <andrew@sudermanjr.com>
 2020-04-28 09:15:38 -06:00
Ryan Belgrave
8b522d518c
update chart readme 
Signed-off-by: Ryan Belgrave <ryan@belgrave.me>
 2020-04-24 17:20:40 -05:00
Ryan Belgrave
ed74fb9e2b
chart service account improvments 
* Fix psp cluster role binding to use the serviceAccountName template
* Add webhook service account customization
* Add cainjector service account customization

Signed-off-by: Ryan Belgrave <ryan@belgrave.me>
 2020-04-24 17:14:17 -05:00
Richard Wall
f37e0cd72a Fixes for the validating and mutating webhook configuration 
* Use the correct URL path for validation
* Validate v1alpha3 API objects
* Mutate v1alpha3 API objects

Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-04-23 16:07:49 +01:00
James Munnelly
7978fbe081 Address review feedback and include truststore.jks with JKS mode enabled 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-04-22 15:20:49 +01:00
James Munnelly
ba33c823a3 Add 'keystores' stanza to CertificateSpec to allow dynamic keystore configuration 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-04-21 17:58:18 +01:00
jetstack-bot
4aff1ce3f0
Merge pull request #2814 from munnerz/privatekey-rotation 
keymanager: support private key rotationPolicy field
 2020-04-21 16:02:53 +01:00
James Munnelly
6d02c855ee Regenerate files 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-04-21 10:07:13 +01:00
James Munnelly
4daa3b086b Update generated files 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-04-21 09:49:32 +01:00
jetstack-bot
4adec72ac9
Merge pull request #2681 from gitirabassi/feat/azure-auth-msi-master 
feat(azure): add usage of Managed Identities for azuredns
 2020-04-20 08:42:38 +01:00
jetstack-bot
687d47f832
Merge pull request #2027 from pepov/auditsink-injector 
Add auditsinks in auditregistration.k8s.io/v1alpha1 to the supported injector targets
 2020-04-20 08:23:38 +01:00
jetstack-bot
a299a63219
Merge pull request #2807 from HoogWater/refine_leaderelection 
Limit the scope of leadership configmap role to specific configmaps
 2020-04-17 16:27:46 +01:00
Mark de Jong
d7edd6d6bf Removed TODO comment and add details for configmap usage in comment 
Signed-off-by: Mark de Jong <markdejong@gmail.com>
 2020-04-15 22:24:17 +02:00
Mark de Jong
a6335b2244 Split verbs over 2 rules in the roles 
one for create with no limit
one for update and patch

This is done because the "name" of a resource is not known at time of creation therefor the create verb cannot be limited to a single resource

Signed-off-by: Mark de Jong <markdejong@gmail.com>
 2020-04-15 22:24:17 +02:00
Mark de Jong
0b4a00048d Limit the scope of leadership configmap role to specific configmaps created by the deployment 
Signed-off-by: Mark de Jong <markdejong@gmail.com>
 2020-04-15 22:24:17 +02:00
James Munnelly
7f3d811978 Add comments to new field types and regenerate CRDs 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-04-15 12:27:25 +01:00
James Munnelly
a6450af2de Add featureGates option to Helm chart 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-04-15 12:26:53 +01:00
James Munnelly
343012792f WIP: add new API fields 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-04-15 12:25:29 +01:00
Dewet Diener
b771033922 fix list & name port 
Signed-off-by: Dewet Diener <dewet22@users.noreply.github.com>
 2020-04-15 11:43:20 +01:00
Dewet Diener
d814f0bdf2 Expose webhook deployment container port 
Signed-off-by: Dewet Diener <dewet22@users.noreply.github.com>
 2020-04-15 01:09:46 +01:00
gitirabassi
7a9788adba
addressed all reviewes and added all validation tests 
Signed-off-by: gitirabassi <giacomo@tirabassi.eu>
 2020-04-10 08:48:56 +02:00
gitirabassi
fa034751dc
feat(azure): add usage of Managed Identities for azuredns provider for acme dns01 challenge 
Signed-off-by: gitirabassi <giacomo@tirabassi.eu>
 2020-04-10 08:48:34 +02:00
jetstack-bot
15d1735688
Merge pull request #2791 from munnerz/fixup-empty-keys 
Remove empty 'annotations' blocks from resources and add missing 'metata.namespace' field
 2020-04-09 06:39:14 +01:00
James Munnelly
7c659a6331 Remove empty 'annotations' blocks from resources and add missing 'metadata' field 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-04-08 19:56:52 +01:00
James Munnelly
a4cbd146c3 Avoid duplicate CRDs in static manifests 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-04-08 17:45:19 +01:00
James Munnelly
9f2fad4c9b Add warning to installCRDs option 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-04-07 10:16:24 +01:00
James Munnelly
ff9a6b84a0 Address review feedback 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-04-07 10:15:05 +01:00
James Munnelly
b955abed17 Fix up chart and bazel build rules 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-04-01 18:22:35 +01:00
James Munnelly
f33beefc32 Add installCRDs option to Helm chart 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-04-01 13:15:15 +01:00
James Munnelly
1700833601 Default webhook to use the dynamic secret source 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-03-30 14:25:54 +01:00
pepov
24507f70c6 add auditsinks in api/auditregistration/v1alpha1 to the supported targets and handle injector "no matching kind" errors as something that shouldn't break the operator 
Signed-off-by: pepov <peterwilcsinszky@gmail.com>
 2020-03-30 14:33:50 +02:00
James Munnelly
88b9040054 Use Bazel to automatically add version numbers to the Helm chart README 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-03-26 10:23:19 +00:00
jetstack-bot
3ced69a105
Merge pull request #2734 from munnerz/update-readme 
Update Helm chart & other docs with new URLs and info
 2020-03-24 17:18:38 +00:00
James Munnelly
d08299c846 Update Helm chart & other docs with new URLs and info 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-03-24 16:21:48 +00:00
James Munnelly
087ed93e53 Use correct service name in the --webhook-dns-names flag 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-03-24 13:31:27 +00:00
jetstack-bot
35add56ef5
Merge pull request #2625 from srbraun/crl 
adds option to specify CRL Distribution Point. #2612
 2020-03-23 13:33:32 +00:00
jetstack-bot
6a16550698
Merge pull request #2023 from zeeZ/configure-annotations 
Add option to set custom annotations for HTTP01 resolver Ingress resources.
 2020-03-23 12:24:37 +00:00
Sergey Braun
9b76cdd402
adds CDP field and description to CA issuer 
Signed-off-by: Sergey Braun <dev@skra.space>
 2020-03-19 12:52:43 +01:00
zeeZ
1c96ea9c57 Add option to set annotations and labels for HTTP01 resolver Ingress resources. 
Signed-off-by: zeeZ <zeeZinator+github@gmail.com>
 2020-03-12 21:12:11 +01:00
Johan Fleury
08db170a36
feat(rfc2136): add support for IPv6 address in nameserver 
Signed-off-by: Johan Fleury <jfleury@arcaik.net>
 2020-03-09 21:43:56 -04:00
Johan Fleury
51d46e5f76
feat(rfc2136): allow FQDN and hostname in nameserver 
Signed-off-by: Johan Fleury <jfleury@arcaik.net>
 2020-03-09 21:12:23 -04:00