cert-manager

Author	SHA1	Message	Date
James Munnelly	2de5135e18	Fix test flake Signed-off-by: James Munnelly <jmunnelly@apple.com>	2022-08-04 14:15:49 +01:00
James Munnelly	7b4d04cdef	bugfix: fix issue where CertificateRequests marked InvalidRequest were not properly marked as Failed Signed-off-by: James Munnelly <jmunnelly@apple.com>	2022-08-04 12:21:41 +01:00
James Munnelly	e62bfaf367	Add test to check InvalidRequest handling for certificates Signed-off-by: James Munnelly <jmunnelly@apple.com>	2022-08-04 12:21:41 +01:00
James Munnelly	51014e5752	Add integration test for regenerating private key for each CR upon failure Signed-off-by: James Munnelly <jmunnelly@apple.com>	2022-08-04 12:21:41 +01:00
James Munnelly	099a52ffe3	integration framework: add StartInformersAndControllers Signed-off-by: James Munnelly <jmunnelly@apple.com>	2022-08-04 12:21:41 +01:00
James Munnelly	11ada1d3d3	rename policyEvaluator->BuildReadyConditionFromChain Signed-off-by: James Munnelly <jmunnelly@apple.com>	2022-08-04 12:21:41 +01:00
jetstack-bot	12342d88e5	Merge pull request #5361 from SgtCoDFish/fixcves Fix containerd / go-restful CVEs	2022-08-03 16:17:16 +01:00
Ashley Davis	2636a638bf	replace go-restful version with patched version for details, see the comment on the `replace` directive see also this slack thread: https://kubernetes.slack.com/archives/CDEQJ0Q8M/p1659536441504649?thread_ts=1659532155.184479&cid=CDEQJ0Q8M Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-08-03 15:33:54 +01:00
Ashley Davis	6985cd5e5a	update containerd dependency to fix CVE CVE-2022-31030 and GHSA-5ffw-gxpp-mxpf Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-08-03 15:25:05 +01:00
jetstack-bot	0c15857645	Merge pull request #5360 from SgtCoDFish/fixxnet Fix `/x/net` and `/x/sys`	2022-08-03 15:17:16 +01:00
Ashley Davis	01d8994f38	remove replacement for /x/net and update /x/net + /x/sys the replaced version had several CVEs as reported by Trivy: CVE-2021-44716 - golang.org/x/net: golang: net/http: limit growth of header canonicalization cache CVE-2021-31525 - golang.org/x/net: golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header CVE-2022-29526 - golang.org/x/sys: golang: syscall: faccessat checks wrong group this commit fixes those reported CVEs Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-08-03 14:44:06 +01:00
Ashley Davis	e4dca7a930	add go.mod and go.sum as sources this will trigger binaries to be rebuilt when go.mod and go.sum change Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-08-03 14:24:36 +01:00
jetstack-bot	aeae4b35fc	Merge pull request #5354 from cert-manager/add-inteon-as-maintainer add inteon to OWNERS	2022-08-01 15:28:23 +01:00
Joakim Ahrlin	1f6e3aed92	add inteon to ONWERS Signed-off-by: Joakim Ahrlin <joakim.ahrlin@gmail.com>	2022-08-01 14:12:31 +02:00
jetstack-bot	bdaa653a8a	Merge pull request #5352 from SgtCoDFish/straggler Remove straggling BUILD.bazel file	2022-08-01 10:18:22 +01:00
Ashley Davis	d53689c181	remove straggling BUILD.bazel file Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-08-01 09:40:58 +01:00
jetstack-bot	e58b47f345	Merge pull request #5340 from SgtCoDFish/byebazel Remove bazel 🎉	2022-07-27 09:13:05 +01:00
jetstack-bot	7084236430	Merge pull request #5339 from JoshVanL/5334-route-53-dont-reject-missing-secret Remove incorrect Route53 validation on AccessKeyID and SecretAccessKeyID	2022-07-26 12:28:12 +01:00
joshvanl	4138aa8986	Add code comment which states that it is valid to use neither an AccessKeyID or AccessKeySecretRef Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-07-26 11:56:13 +01:00
joshvanl	0c60503cc3	In PR https://github.com/cert-manager/cert-manager/pull/5194 , we introduced a validation whereby an issuer would be rejected if it did not contain AccessKeyID or SecretAccessKeyID when using the route53 DNS solver. This is incorrect, since neither should need to be defined when using AWS ambient credentials. Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-07-26 11:51:16 +01:00
Daniel Quackenbush	54e1da255c	remove issue error if role is specified Signed-off-by: Dan Quackenbush<25692880+danquack@users.noreply.github.com>	2022-07-26 11:49:57 +01:00
Ashley Davis	fb231ab641	Remove bazel 🎉 This removes all .bazel and .bzl files, and a bunch of scripts relating to bazel, now that it's been entirely replaced. There are still a few places where traces could be removed, but this removes the brunt of the bazel stuff that remains. Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-07-26 11:38:50 +01:00
jetstack-bot	ca9e48c7e3	Merge pull request #5323 from JoshVanL/controllers-certificatesigningrequests-selfsigned-no-fail-missing-secret [SelfSigned] CertificateSigningRequest: don't mark failed when referenced Secret doesn't exist	2022-07-21 15:58:56 +01:00
jetstack-bot	a9c1e6aea7	Merge pull request #5329 from JoshVanL/test-flake-controllers-certificates-issuing-internal-manypasswordslengths Test Flake: TestManyPasswordLengths: pre-create password test cases outside of concurrent tests	2022-07-21 10:21:39 +01:00
jetstack-bot	fca26af20c	Merge pull request #5325 from JoshVanL/test-e2e-flake-certificate-request-approval E2E test flakes: CertificateRequest Approval	2022-07-21 09:36:40 +01:00
joshvanl	91e0a5ceca	TestManyPasswordLengths: pre-create password test cases outside of concurrent tests Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-07-21 09:30:28 +01:00
jetstack-bot	1053adf904	Merge pull request #5321 from SgtCoDFish/corecmroadmap Add "shrinking core" to roadmap	2022-07-20 16:45:14 +01:00
joshvanl	1f2ba6d7f7	Update the approval e2e tests so that transient client request errors are retried, and correctly check the error returned is expected when appropriate. Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-07-20 16:31:11 +01:00
Jake Sanders	bdd626f481	Add suggestion from code review Co-authored-by: Josh Soref <2119212+jsoref@users.noreply.github.com> Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-07-20 16:08:57 +01:00
joshvanl	bbc6823163	When a CertificateSigningRequest using the SelfSigned issuer references a Secret which does not exist, return error, rather than marking the request as failed. Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-07-20 13:39:11 +01:00
jetstack-bot	519d4dd803	Merge pull request #5318 from JoshVanL/test-e2e-flake-secret-template E2E test flakes: SecretTemplate	2022-07-20 13:37:13 +01:00
Ashley Davis	284b4716b1	add shrinking core to roadmap Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-07-20 12:55:52 +01:00
jetstack-bot	169da683c1	Merge pull request #5317 from JoshVanL/test-e2e-flake-additional-output-formats E2E test flakes: Additional output formats	2022-07-20 12:32:13 +01:00
joshvanl	9118c112e3	Adds on conflict retries to certificate state change in the SecretTemplate e2e test setups Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-07-20 12:21:29 +01:00
joshvanl	43223a1863	Adds on conflict retries to certificate state change in the additionaloutputformat e2e test setups Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-07-20 11:42:43 +01:00
jetstack-bot	cae9778fed	Merge pull request #5281 from SgtCoDFish/orderonly Use order-only prerequisites where possible for tools	2022-07-19 17:30:16 +01:00
Ashley Davis	1b10f5dd33	add some docs on changing or adding make targets Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-07-19 16:58:21 +01:00
Ashley Davis	d7e57c9918	use order-only prerequisites where possible for tools Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-07-19 16:16:18 +01:00
jetstack-bot	4d827d2715	Merge pull request #5313 from SgtCoDFish/aceofbase Update base images using ./hack/latest-base-images.sh	2022-07-19 10:39:40 +01:00
Ashley Davis	e7326519f9	update base images using ./hack/latest-base-images.sh Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-07-18 12:33:37 +01:00
jetstack-bot	f109f34aee	Merge pull request #5248 from irbekrm/update_roadmap Updates Roadmap	2022-07-14 09:48:24 +01:00
irbekrm	93447ca873	Updates Roadmap Signed-off-by: irbekrm <irbekrm@gmail.com>	2022-07-13 19:47:07 +01:00
jetstack-bot	33c7c298b1	Merge pull request #5287 from munnerz/secrettemplate-retry-on-conflict Retry update on conflicts during SecretTemplate tests to avoid test flakes	2022-07-12 10:13:48 +01:00
jetstack-bot	3ef97e870d	Merge pull request #5288 from SgtCoDFish/bindir-target add missing target for $(BINDIR)	2022-07-11 17:09:57 +01:00
Ashley Davis	ba415c2df3	add missing target for $(BINDIR) Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-07-11 15:41:45 +01:00
James Munnelly	09e42e10db	Retry update on conflicts during SecretTemplate tests to avoid test flakes Signed-off-by: James Munnelly <jmunnelly@apple.com>	2022-07-11 14:13:21 +01:00
jetstack-bot	44a022a83c	Merge pull request #5022 from maelvls/fix-cmctl-version-missing Make: cmctl and kubectl-cert_manager are using two -ldflags, the second -ldflags is cancelling the first one	2022-07-11 12:29:57 +01:00
Maël Valais	24e1ba51a6	make: cmctl and kubectl-cert_manager were using two -ldflags I also took the opportunity to document the three most important "build" variables in "make help". Manually rebased to adopt $(BINDIR) changes Signed-off-by: Maël Valais <mael@vls.dev> Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-07-11 10:18:30 +01:00
jetstack-bot	d8c57e13ee	Merge pull request #5276 from joebowbeer/helm-readme Update helm README file	2022-07-08 07:31:35 +01:00
Joe Bowbeer	455001e34a	Kubernetes 1.20+ Signed-off-by: Joe Bowbeer <joe.bowbeer@gmail.com> Signed-off-by: Joe Bowbeer <joe.bowbeer@gmail.com>	2022-07-07 17:15:28 -07:00

1 2 3 4 5 ...

7125 Commits