weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
7,657 Commits 45 Branches 0 Tags 96 MiB
300fe72ff0
Commit Graph

77 Commits

Author SHA1 Message Date
irbekrm
56cf4dfd3c Allows to modify configured injectable kinds for cainjector via flags 
Also changes name of --watch-certs flag to --enable-certificate-data-source

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-02-01 11:43:00 +00:00
irbekrm
0c64cebfc5 Rename injector.go -> injectables.go 
To reduce the variations of naming

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-02-01 11:43:00 +00:00
irbekrm
767aa39ddb Simplify injectable logic 
Reduce the amount of interfaces enclosing the injectable instance from 3 to 1. Also some minor renaming and comments cleanup

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-02-01 11:43:00 +00:00
irbekrm
3e58a442b7 Cleanup reconciler logic 
Make the file structure and struct naming more intuitive, add some comments

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-02-01 11:43:00 +00:00
irbekrm
74b258c3be Code review feedback 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-02-01 08:53:27 +00:00
irbekrm
7e4dea1c2e Clarify the error message when secret annotation is missing namespace prefix 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-01-31 11:12:31 +00:00
irbekrm
24040c4989 Ensure that updates to injectables are caught 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-01-31 10:49:56 +00:00
irbekrm
a174f0faa4 Filter injectables that trigger reconciles 
Only trigger reconciles for events on injectable types that are annotated, not random unrelated resources

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-01-30 11:27:15 +00:00
irbekrm
7a5c71a1ed Cleanup, better comments 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-01-30 11:26:07 +00:00
irbekrm
3aba8ed32d Makes cainjector Certificate watch optional 
Configurable via a flag, true by default

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-01-24 13:52:45 +00:00
irbekrm
4776597cb4 Remove the double cache mechanism for cainjector 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-01-23 17:38:46 +00:00
irbekrm
ff80030737 Log error if CA source is in a namespace that is not in scope 
cainjector will still watch cluster-scoped resources such as CRDs, so it can get references to Secrets or Certificates in namespaces that are out of scope

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-01-06 10:09:36 +00:00
irbekrm
87bef52337 Fix cainjector's namespace flag 
Ensures that when cainjector has the namespace flag passed, namespaced resource caching is scoped to that namespace

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-01-05 18:15:19 +00:00
Tim Ramlot
836793e7e3 upgrade gateway api to v0.5.0 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2022-08-08 08:52:59 +00:00
Ashley Davis
fb231ab641
Remove bazel 🎉 
This removes all .bazel and .bzl files, and a bunch of scripts relating
to bazel, now that it's been entirely replaced.

There are still a few places where traces could be removed, but this
removes the brunt of the bazel stuff that remains.

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-07-26 11:38:50 +01:00
Ashley Davis
3a055cc2f5
rename all uses of github.com/jetstack/cert-manager 
This was done by running the following command twice:

 ```bash
 grep -Ri "github.com/jetstack/cert-manager" . | \
 cut -d":" -f1 | \
 sort | \
 uniq | \
 xargs sed -i
 "s/github.com\/jetstack\/cert-manager/github.com\/cert-manager\/cert-manager/"
 ```

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-02-02 09:08:31 +00:00
Eng Zer Jun
54e70d2cc4
refactor: move from io/ioutil to io and os package 
The io/ioutil package has been deprecated in Go 1.16. This commit
replaces the existing io/ioutil functions with their new definitions in
io and os packages.

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
 2021-08-23 19:50:42 +08:00
Tamal Saha
7b63788f52 Cleanup codegen script 
Signed-off-by: Tamal Saha <tamal@appscode.com>
 2021-05-17 08:11:19 -07:00
Tamal Saha
b1cb6422e4 Use controller-runtime v0.9.0-beta.0 
Signed-off-by: Tamal Saha <tamal@appscode.com>
 2021-05-17 08:11:19 -07:00
jetstack-bot
6ad91e0700
Merge pull request #3833 from JoshVanL/controller-issuer-context 
Pass context through to client calls in controllers and acme issuer
 2021-04-06 18:53:57 +01:00
Richard Wall
20510e45f0 Update cainjector to use stable API versions 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-04-01 17:23:28 +01:00
joshvanl
18ae2295f9 Pass context through to client calls in controllers and acme issuer 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-31 20:34:12 +01:00
Matt Turner
44f69ce015 Minor log message clarification 
Supplying just a name, rather than a namespace/name, for a cainjector
source reference, results in the generic error message "invalid
certificate name". This condition is detected on its own branch so we
can be more specific.

Signed-off-by: Matt Turner <matturner@gmail.com>
 2021-01-07 19:21:11 +00:00
Maartje Eyskens
ab0cd57dc5 Use The cert-manager Authors. 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-12-11 19:04:13 +01:00
Maartje Eyskens
1788a9d758 Update copyright to cert-manager project 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-12-08 19:04:49 +01:00
Richard Wall
0a2a4b0d7a Revert the introduction of errors.WithStack 
* The logging isn't configured to show the stack traces anyway.

Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-09-18 12:08:10 +01:00
Richard Wall
ea73ab534c Document newIndependentCacheAndDelegatingClient 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-09-18 12:02:52 +01:00
Richard Wall
35f10ef439 Explain why we're not using the controller.Builder 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-09-18 11:58:30 +01:00
Richard Wall
975e98e285 Log an error if WaitForCacheSync fails 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-09-18 11:51:45 +01:00
Richard Wall
a5e6f6c262 Stop creating new controllers if one of the errgroup has already erred 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-09-18 11:41:11 +01:00
Richard Wall
602043013e Revert the increased number of reconcile threads 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-09-18 11:39:52 +01:00
Richard Wall
2bffaf9270 A clearer name for the function which creates each controller 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-09-18 11:38:00 +01:00
Richard Wall
7c6374ff07 Explain why we ignore objects with a deletionTimestamp 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-09-18 10:28:32 +01:00
Richard Wall
e2765f720a Remove debug log 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-09-18 10:04:28 +01:00
Richard Wall
e27e503624 Ensure that each controller's delegating client refers to the correct cache 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-09-18 08:29:07 +01:00
Richard Wall
98fff7dcf8 Clearer logging 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-09-17 16:43:15 +01:00
Richard Wall
1bb99dee1a Increase the number of reconciler goroutines 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-09-17 16:42:51 +01:00
Richard Wall
ebd7ba5e70 Ignore objects that are being deleted 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-09-17 16:41:58 +01:00
Richard Wall
3d63a76da9 Make the injector sources read from the same cache as the controller 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-09-17 14:41:28 +01:00
Richard Wall
b772f3295b Use cancellable contexts and errgroups 
...to control the starting and stopping of controllers and caches

Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-09-17 09:37:05 +01:00
Richard Wall
3723ea5a52 Update all 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-09-11 10:32:07 +01:00
Richard Wall
0f7b23c23b Pass the specific cache to the indexer functions 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-09-11 10:21:12 +01:00
Richard Wall
81874895b0 Use NewUnmanaged and separate caches for each controller 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-09-11 10:09:27 +01:00
Richard Wall
81eb53f597 ./hack/update-all.sh 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-08-20 14:28:06 +01:00
Richard Wall
a70298180a Run a script to update v1alpha2 usage to v1 
Script is available at https://github.com/jetstack/cert-manager/pull/3201

Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-08-20 14:26:51 +01:00
Maartje Eyskens
3259fdfe9b Implement feedback 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-12 10:59:42 +02:00
Maartje Eyskens
827ce9c5ad Revert log levels on errors 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-12 10:59:42 +02:00
Maartje Eyskens
86dee5ed41 Set error log levels 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-12 10:59:41 +02:00
Maartje Eyskens
fecd0b3518 Set all log levels for info 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-12 10:59:41 +02:00
James Munnelly
8a1d7c6831 Remove AuditSink support from cainjector 
The AuditSink resource type (previously in alpha) has been removed
as per https://groups.google.com/g/kubernetes-sig-auth/c/aV_nXpa5uWU.

Remove all support for it from our cainjector so we are able to
continue to upgrade dependencies, and to avoid more users coming
to rely on this functionality ahead of it being removed from
Kubernetes.

Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-07-01 19:35:20 +01:00