weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
654 Commits 45 Branches 0 Tags 96 MiB
3bde815cf2
Commit Graph

268 Commits

Author SHA1 Message Date
James Munnelly
3bde815cf2 Update DNS and HTTP provider to use challenge structs 2018-04-09 15:38:43 +01:00
James Munnelly
76f9f14357 Add TODO about cleaning up old authorization attempts 2018-04-05 00:17:03 +01:00
James Munnelly
838be2f54d Add getOrCreateOrder tests 2018-04-04 23:41:14 +01:00
James Munnelly
178a3a5eea Fix up bugs in unit testing framework 2018-04-04 23:40:44 +01:00
James Munnelly
b866b8cdf4 Fix bug in EqualUnsorted when comparing lists of the same length 2018-04-04 23:40:08 +01:00
James Munnelly
8d3c2f2b25 Create 'getOrCreateOrder' function 2018-04-04 23:39:34 +01:00
James Munnelly
fde0a0010c Add missing GetOrder function to FakeACME 2018-04-04 23:38:19 +01:00
James Munnelly
211c60b449 Fix panic when an error occurs while creating an order 2018-04-04 23:38:03 +01:00
James Munnelly
f2ddd1d111 Change DNSNames/CommonNameForCertificate function to not return an error 2018-04-04 23:37:37 +01:00
James Munnelly
6f71a8de57 Update comments 2018-04-04 18:16:01 +01:00
James Munnelly
7e663971fd Fix typo 2018-04-04 17:39:11 +01:00
James Munnelly
798a07b0c8 Set a custom User-Agent on acme client 2018-04-04 12:39:44 +01:00
James Munnelly
da0d45e3f4 Use DialContext in ACMEClient round tripper 2018-04-04 12:30:33 +01:00
James Munnelly
bd58bd8bc6 Fix acme test fixture 2018-04-04 11:32:06 +01:00
James Munnelly
b0e65f84c7 Add TODO for domain label values 2018-04-04 11:30:15 +01:00
James Munnelly
01efbca114 Merge branch 'master' into acmev2 2018-04-04 11:27:37 +01:00
jetstack-bot
95883c47dd
Merge pull request #363 from euank/nonstatic-aws-creds 
Allow non-static AWS credentials for Route 53, gated by "ambient credentials" flags
 2018-03-26 12:35:18 +01:00
jetstack-bot
977b038d2b
Merge pull request #408 from kragniz/resource-limits 
Add limits to http validation pod
 2018-03-26 10:47:51 +01:00
Euan Kemp
faac0701ab issuer/route53: respect 'ambient' flag for region 
This notably results in the region being a required field if the
'ambient' option is not set for a given issuer.
 2018-03-24 14:16:33 -07:00
Louis Taylor
e8d6861d31
Increase memory limits 2018-03-24 00:24:51 +00:00
Euan Kemp
dd48f4aa05 issuer/acme/dns: add ambient=false unit test 2018-03-23 14:30:43 -07:00
Euan Kemp
971ef4f198 issuer/route53: remove unused integ test 
I'm convinced this test was never run and also did not provide any
significant value in this project.
 2018-03-23 14:30:43 -07:00
Euan Kemp
0d39da5174 issuer/route53: improve logging hosted zone errs 2018-03-23 14:30:43 -07:00
Euan Kemp
0fb787eae7 controller: add ambient issuer flags and feature 
This implements ambient credential support for AWS, gated behind flags
for issuers and cluster issuers.

This adds the pair of flags discussed in
https://github.com/jetstack/cert-manager/issues/308.

It provides an implementation for those flag's effects for the route53
solver.
 2018-03-23 14:30:43 -07:00
Euan Kemp
0e6ca80a70 issuer/route53: remove zone-id env test 
The zone id is never read from the environment; this test tests
functionality which doesn't exist in the actual software, so there's no
point in having it.
 2018-03-23 14:30:43 -07:00
Matt Moyer
14c109af46 Drop unused NewDNSProvider() method. 
Signed-off-by: Matt Moyer <moyer@heptio.com>
 2018-03-23 14:30:42 -07:00
Matt Moyer
1236a93d1e Allow non-static AWS credentials for Route 53. 
This change maintains backwards compatibility, but makes the `accessKeyID` and `secretAccessKeySecretRef` fields of the `route53` DNS provider optional.
If not provided, AWS credentials will be loaded from `AWS_*` environment variables or the EC2 metadata service.
This should also work for things that impersonate the EC2 metadata service, such as [kube2iam](https://github.com/jtblin/kube2iam) and [kail](https://github.com/uswitch/kiam).

Signed-off-by: Matt Moyer <moyer@heptio.com>
 2018-03-23 14:30:42 -07:00
James Munnelly
e786e47d73 Add ensurePod and ensureService tests 2018-03-23 18:50:46 +00:00
James Munnelly
0d945e86f5 Add 5s acme client connect timeout 2018-03-23 18:50:46 +00:00
James Munnelly
8d48e75d6e Use GetAccount to check if acme account is already registered 2018-03-23 18:50:46 +00:00
James Munnelly
e91dfc40af Fix ACME CSR generation 2018-03-23 18:50:46 +00:00
James Munnelly
cb042e886f Fix buildOrder function 2018-03-23 18:50:46 +00:00
James Munnelly
8ad26f6378 Fix log message print formatting 2018-03-23 18:50:46 +00:00
James Munnelly
d4b07ab0bb Add log messages throughout ACME Present process 2018-03-23 18:50:46 +00:00
James Munnelly
8eaf63cf29 Fix testReachability 2018-03-23 18:50:46 +00:00
James Munnelly
9cb346313c Fix panic in http solver 2018-03-23 18:50:46 +00:00
James Munnelly
02f1b37caf Add correct HasSynced func 2018-03-23 18:50:46 +00:00
James Munnelly
649fdecdd2 Add comment explaining new HasSynced usages 2018-03-23 18:50:46 +00:00
James Munnelly
0a7cefecf4 Call Pod & Service lister HasSynced method in Cert controller construction 2018-03-23 18:50:46 +00:00
James Munnelly
06f9d6e40d Fix listing existing pods/services/ingresses in http solver 2018-03-23 18:50:46 +00:00
James Munnelly
e10affd765 Add comments to test fixture 2018-03-23 18:50:46 +00:00
James Munnelly
48edcd2f96 Run gofmt 2018-03-23 18:50:45 +00:00
James Munnelly
bf3570af0d Add OwnerReferences to HTTP solver resources 2018-03-23 18:50:45 +00:00
James Munnelly
cfc11f324b Fix bugs in http challenge solver 2018-03-23 18:50:45 +00:00
James Munnelly
36c825fa48 Set order.URL in createOrder 2018-03-23 18:50:45 +00:00
James Munnelly
d617bec346 Don't use order URL as a pod label. Cleanup existing resources if multiple exist. 2018-03-23 18:50:45 +00:00
James Munnelly
393e146543 Fix arguments to ensureIngress 2018-03-23 18:50:45 +00:00
James Munnelly
c9dfd408b7 Run gofmt 2018-03-23 18:50:45 +00:00
James Munnelly
42c5599305 Rename integration test framework to unit 2018-03-23 18:50:45 +00:00
James Munnelly
0a0747dac7 Move OrderURL into OrderStatus struct and fix up http solver 2018-03-23 18:50:45 +00:00