weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
6,538 Commits 45 Branches 0 Tags 96 MiB
37775615ff
Commit Graph

2788 Commits

Author SHA1 Message Date
joshvanl
37775615ff Use ApplyStatus in all Certificates controllers. When ServerSideApply 
enabled, set Issuing condition to False instead of removing it

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-11 16:15:57 +00:00
joshvanl
bdb4954c25 Adds updateOrApply to certificates controllers to optionally Apply 
certificate based on feature gate

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-11 16:14:31 +00:00
joshvanl
279a8ede99 Adds listType=map and listMapKey=type to Certificate Status Conditions 
field

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-11 16:14:31 +00:00
Ashley Davis
89bb5481cb
Increase margin of error in an otherwise unsound test 
This test can easily fail on a heavily loaded machine, such as one
running many tests in parallel.

1. The afterFunc could be delayed _massively_ on a heavily loaded
   machine, such as one running a lot of tests in parallel.
2. Requiring an accuracy of 1ms seems like a flake waiting to happen
   (as it was in this case)
3. When we write code which uses this scheduler, we can't even
   safely assume the afterFunc will _ever_ be run, let alone run
   within a 1% margin of time error. As such I don't think this
   test is providing any value beyond a general sanity check.

By increasing the allowable delta massively, we keep this test as a
sanity check but basically remove the chance of a flake. The test
essentially becomes "does afterFunc work, generally?".

Also adds a check that the elapsed time is greater than the expected
time.

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-02-11 10:14:34 +00:00
joshvanl
9ca869c2cf Add tests to secret manager for additional output formats 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-07 14:41:45 +00:00
jetstack-bot
b1180c59ad
Merge pull request #4587 from SgtCoDFish/bigrename 
Rename import path
 2022-02-03 11:56:12 +00:00
jetstack-bot
3c8eee34ae
Merge pull request #4815 from JoshVanL/controllers-certificates-issuing-secrets-manager-always-force 
Always Force apply in issuing controller's secret manager
 2022-02-02 15:40:40 +00:00
jetstack-bot
d16a79db13
Merge pull request #4793 from fvlaicu/change-route53-acme-challenge-record-creation 
Use multivalue records instead of simple records
 2022-02-02 12:18:39 +00:00
Ashley Davis
b084e5804c
fix violations of our coding conventions on import ordering 
this is exposed by the rename when cert-manager internal imports are mixed in with
external imports

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-02-02 11:53:39 +00:00
Ashley Davis
3a055cc2f5
rename all uses of github.com/jetstack/cert-manager 
This was done by running the following command twice:

 ```bash
 grep -Ri "github.com/jetstack/cert-manager" . | \
 cut -d":" -f1 | \
 sort | \
 uniq | \
 xargs sed -i
 "s/github.com\/jetstack\/cert-manager/github.com\/cert-manager\/cert-manager/"
 ```

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-02-02 09:08:31 +00:00
joshvanl
c737c3d9c6 Update secret manager test to no longer expect a non-force apply 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-01 18:04:42 +00:00
joshvanl
e5e3cf1fa2 Always Force apply in issuing controller's secret manager 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-01 17:57:22 +00:00
joshvanl
35fba365bf Update AdditionalOutputFormats comment to reflect addition of feature to 
webhook set.

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-01 17:04:55 +00:00
joshvanl
4445f85d62 Update bazel deps 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-31 13:44:43 +00:00
joshvanl
364c02d36e Ensure RateLimiter is preserved across all built Contexts 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-31 13:38:45 +00:00
joshvanl
834e6bcb04 Set RESTConfig burst and QPS inside context factory so all clients 
inherit these values

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-31 11:34:09 +00:00
Florin Vlaicu
ff6b627401 use multivalue records instead of simple records to allow having multiple txt records for a domain. 
Signed-off-by: Florin Vlaicu <19238716+fvlaicu@users.noreply.github.com>
 2022-01-28 18:05:48 +02:00
joshvanl
fb6e0b9f00 Pass FieldManager down to issuing controller->secrets manager 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-27 13:56:29 +00:00
joshvanl
07d8d4ee3c Pipes user agent down to acme clients 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-27 12:51:49 +00:00
joshvanl
a220be5bc5 Adds user agent pipethrough for acme accounts 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-27 12:51:49 +00:00
joshvanl
8f0c79396f Adds rest config builder to include new user agent 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-27 12:51:49 +00:00
joshvanl
d89c3e71dc Update rest of controllers with ControllerFactory 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-27 12:51:49 +00:00
joshvanl
fb391a26e5 Update CertificateSigningRequest controller to use new ContextFactory 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-27 12:51:49 +00:00
joshvanl
bd18c0ed86 Update CertificateRequest controllers to use new controller factory 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-27 12:51:49 +00:00
joshvanl
c66591cf37 Update certificate controllers with new controller builder 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-27 12:51:48 +00:00
joshvanl
52a6ae2198 Adds ContextFactory to controller package. Changes controller builder to 
use ContextFactory

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-27 12:50:12 +00:00
jetstack-bot
b12d78d364
Merge pull request #4746 from JoshVanL/controller-readiness-certificates-spec-match 
Certificates controller policies refactor
 2022-01-27 12:45:40 +00:00
jetstack-bot
39e388eaa5
Merge pull request #4762 from jakexks/use-only-ingress-annotation 
Always use the kubernetes.io/ingress.class annotation (#4537)
 2022-01-21 13:45:07 +00:00
Jake Sanders
65902d57a3
Always use the kubernetes.io/ingress.class annotation (#4537) 
Signed-off-by: Jake Sanders <i@am.so-aweso.me>
 2022-01-21 10:35:25 +00:00
James Munnelly
787ff34e38 Add copyright attribution 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 11:07:49 +00:00
James Munnelly
fa61625d5f Regenerate test CRDs 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:56:51 +00:00
James Munnelly
65b8994330 Avoid defaulting objects before validation 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:56:51 +00:00
James Munnelly
0bba671152 Ensure defaulting is applied in the correct API version during mutation 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:56:50 +00:00
James Munnelly
07a0171e98 Use regular discovery client instead of cache 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:56:50 +00:00
James Munnelly
e13c879681 Remove old handlers & admission plugins 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:56:50 +00:00
James Munnelly
708de3c580 webhook: use new admission-plugin backed validation and mutation handlers 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:56:46 +00:00
James Munnelly
572aecd48d Add webhook admission package to implement admission control in a clearer manner 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:54:18 +00:00
joshvanl
38b7b930c8 Add tests from rebase and more policies under 
/internal/controller/certificates

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-19 14:31:05 +00:00
joshvanl
3b148347ad Move temporary certificate policy init into policy package 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-19 14:30:00 +00:00
joshvanl
a53987214f Move certificates controller policies under /internal/controller 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-19 14:30:00 +00:00
joshvanl
f1cafae95f Refactor trigger policies to be more generic and be used by multiple 
controllers

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-19 14:30:00 +00:00
joshvanl
655dbfec51 Update certificates controller secrets manager since feature gate is 
removed

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-19 14:30:00 +00:00
joshvanl
bdc310adeb Update certificates secret manager to Apply managed fields when the 
apply feature is enabled

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-19 14:30:00 +00:00
joshvanl
d8548215dd Update secret manager to include additional output formats 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-19 14:30:00 +00:00
jetstack-bot
051a763ee5
Merge pull request #4638 from JoshVanL/controllers-certificates-secret-template 
SecretTemplate reconciliation. SecretManager Apply
 2022-01-18 13:28:57 +00:00
jetstack-bot
e2aede44c7
Merge pull request #4731 from DiptoChakrabarty/lint 
add go linters fixes within codebase
 2022-01-18 12:52:57 +00:00
DiptoChakrabarty
ba9dccb26d fix comments in consts 
Signed-off-by: DiptoChakrabarty <diptochuck123@gmail.com>
 2022-01-18 10:04:58 +05:30
joshvanl
419ff43312 Add more context to SecretCertificateAnnotations 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 15:15:39 +00:00
joshvanl
ee3cc828a9 Ensure the SecretTemplate matching is aware of the base annotations set 
on the Secret

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:41:24 +00:00
joshvanl
5019aaacfc Update SecretTemplate API comments to highlight that annotations are 
appended to base annotations

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:40:13 +00:00