Commit Graph

727 Commits

Author SHA1 Message Date
James Munnelly
3d1183a169 Fix nil map panic when writing to an empty existing Secret
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-01-18 11:16:44 +00:00
jetstack-bot
1a75d41429
Merge pull request #1226 from munnerz/acme-client-metrics
Add prometheus metrics for ACME client HTTP requests
2019-01-17 17:28:02 +00:00
jetstack-bot
63562421b8
Merge pull request #1227 from munnerz/use-cached-account-uri
Use cached ACME account URL when constructing ACME client
2019-01-17 15:50:01 +00:00
jetstack-bot
e2e2b5998f
Merge pull request #1230 from munnerz/clear-url-on-reverify
Clear issuer account URL if the directory and account URL's hosts differ
2019-01-17 15:28:12 +00:00
jetstack-bot
d9a3cd0b3f
Merge pull request #1228 from munnerz/retrieve-valid-order
If an Order is already valid, attempt to retrieve existing certificate
2019-01-17 15:12:11 +00:00
James Munnelly
425f9c757a Clear issuer account URL if the directory and account URL's hosts differ
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-01-17 14:36:33 +00:00
Daniel Morsing
dc8a4cb95e Avoid connection leaking
An empty transport will by default keep connections alive indefinitely.

Signed-off-by: Daniel Morsing <dmo@jetstack.io>
2019-01-17 14:09:15 +00:00
James Munnelly
e88e4f4406 If an Order is already valid, attempt to retrieve existing certificate
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-01-17 13:19:04 +00:00
James Munnelly
4b6351a4f2 🤦
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-01-17 12:57:19 +00:00
James Munnelly
26ef11d2dc Use cached account URI on Issuer resource when constructing ACME client
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-01-16 23:48:19 +00:00
James Munnelly
804d328b14 Add prometheus metrics for ACME client HTTP requests
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-01-16 23:05:53 +00:00
Daniel Morsing
f72b59bee1 Disable TLS verification when self-checking
Fixes #949

Signed-off-by: Daniel Morsing <dmo@jetstack.io>
2019-01-16 13:39:27 +00:00
James Munnelly
7fd1c2a0e3 Fix issuing a certificate into a pre-existing secret
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-01-15 14:44:11 +00:00
jetstack-bot
5f96b378e6
Merge pull request #1184 from tlmiller/feature/authnss
Control authoritative dns01 server check.
2019-01-12 15:25:07 +00:00
Thomas Miller
dacd0b45cb Control authoritative dns01 server check.
Adds cmd flag for controlling if authoritative dns servers are used to
check RR propagation or just normal resolvers.

This change is added so that constrained environments can control more
aspects of DNS queries performed.

- Applying PR feedback

Signed-off-by: Thomas Miller <thomas@tlm.id.au>
2019-01-12 20:17:28 +10:00
jetstack-bot
2fc68d9b33
Merge pull request #1197 from munnerz/acme-retain-challenges
Retain Challenge resources for debugging if an Order enters an invalid state
2019-01-11 17:22:11 +00:00
jetstack-bot
c512319bfb
Merge pull request #1188 from kragniz/controller-namespace
Add --namespace flag
2019-01-11 15:14:11 +00:00
James Munnelly
b1df71dd66 Retain Challenge resources for debugging if an Order enters an invalid state
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-01-11 14:04:23 +00:00
James Munnelly
21c7b2e13f Increase ACME control loop max back-off. Increase create order back-off to 1h. Fire Event when Order fails.
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-01-10 22:07:48 +00:00
jetstack-bot
95f63313a9
Merge pull request #1192 from DanielMorsing/add-reason
Add reason when an order/challenge gets marked invalid
2019-01-10 15:25:23 +00:00
Daniel Morsing
cc946c0b45 Populate reason field regardless
If we have an error, then tell people about it.

Signed-off-by: Daniel Morsing <dmo@jetstack.io>
2019-01-10 14:54:43 +00:00
Daniel Morsing
1b921b1583 remove more strict validation
Turns out the ACME server can respond with different codes than the ones listed

Signed-off-by: Daniel Morsing <dmo@jetstack.io>
2019-01-10 14:35:30 +00:00
Daniel Morsing
ba240bbe4e Add reason when an order/challenge gets marked invalid
When an ACME server tells us that a challenge or an order is invalid, it's helpful to get some information on why that's the case. Populate the reason field with the error information so that these issues can be more easily debugged.

Signed-off-by: Daniel Morsing <dmo@jetstack.io>
2019-01-10 14:05:15 +00:00
Louis Taylor
40b68a3e10 Fix more references to clusterIssuer
Signed-off-by: Louis Taylor <louis@kragniz.eu>
2019-01-10 13:52:52 +00:00
Louis Taylor
bbda87b3c8 Add --namespace flag
Signed-off-by: Louis Taylor <louis@kragniz.eu>
2019-01-10 13:52:52 +00:00
James Munnelly
8840925e3e Fix append in CA issue function
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-01-09 11:39:48 +00:00
James Munnelly
22342b61b3 Fix use of SecretTLSKeyPair in certificates controller
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-01-09 11:39:48 +00:00
Mike Bryant
4fa6d9775c feat: Include entire certificate chain if provided
Allow a user to provide an entire certificate chain to the ca issuer. Include that chain in all generated certificates

Signed-off-by: Mike Bryant <m@ocado.com>
2019-01-09 11:39:48 +00:00
James Munnelly
3e7509b51f Remove flakey unit test in dns utils package
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-01-08 20:18:49 +00:00
James Munnelly
3ac4d19874 Fix bug in challenge scheduler causing invalid results
Previously, we shared a single backing slice when
performing filter operations on slices, causing issues
when we perform sorting operations on that same
underlying slice.

Signed-off-by: James Munnelly <james@munnelly.eu>
2019-01-08 13:53:58 +00:00
James Munnelly
0fcc0c666c Update copyright header year
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-01-07 15:07:55 +00:00
James Munnelly
e3ab52861a Only follow CNAMEs if the Issuer's cnameStrategy is 'Follow'
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-12-04 13:57:13 +00:00
jetstack-bot
fafa0d5b1d
Merge pull request #1120 from munnerz/improved-challenge-scheduler
Switch ACME challenge scheduler to evaluate all challenges at once
2018-11-30 12:29:12 +00:00
jetstack-bot
670cd8564f
Merge pull request #1111 from kellycampbell/udp-timeout-workaround
Retry dns queries with TCP if UDP has an i/o timeout
2018-11-30 12:12:12 +00:00
jetstack-bot
bed2934534
Merge pull request #1125 from munnerz/issueresponse-ptr
Switch issuer.Issue to return a pointer and fix up setting secret fields
2018-11-30 11:59:12 +00:00
James Munnelly
943e545697 Switch issuer.Issue to return a pointer and fix up setting secret fields
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-30 11:47:08 +00:00
James Munnelly
c890913fb1 Don't update Certificate status condition upon issuance
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-30 10:42:33 +00:00
James Munnelly
bca6ed6e64 Switch ACME challenge scheduler to evaluate all challenges at once
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-29 22:49:55 +00:00
Kelly Campbell
a90e833c3b Retry dns queries with TCP if UDP has an i/o timeout
Signed-off-by: Kelly Campbell <kelly.a.campbell@gmail.com>
2018-11-29 10:32:55 -05:00
jetstack-bot
f4e5203f1c
Merge pull request #1116 from munnerz/cleanup-challenges
CleanUp ACME challenges after issuing and on delete using finalizer
2018-11-29 15:07:17 +00:00
jetstack-bot
28162cebff
Merge pull request #1119 from munnerz/remove-requeue
Remove requeue option and fix small race in controllers
2018-11-29 13:42:16 +00:00
James Munnelly
f8fe9ef21f Remove requeue option and fix small race in controllers
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-29 12:23:21 +00:00
James Munnelly
1f68b0c583 Fix up unit tests
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-29 12:11:42 +00:00
James Munnelly
e5830af6ba Fix event log format & add additional event
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-29 12:11:42 +00:00
James Munnelly
a4a23d432c Set Certificate field on valid test order
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-29 12:11:42 +00:00
James Munnelly
939c90c356 Log events in the FakeRecorder in e2e tests
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-29 12:11:42 +00:00
James Munnelly
34c3590052 Store a copy of the signed certificate on the Order resource after Finalize
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-29 12:11:42 +00:00
jetstack-bot
3fbd2ec79c
Merge pull request #1118 from munnerz/controller-remove-rate-limit
Only add resources to the rate limited queue when an error occurs
2018-11-29 11:26:26 +00:00
jetstack-bot
8f37cf6c40
Merge pull request #1117 from munnerz/wildcard-challenge-check
Include wildcard field in comparison of challenge specs
2018-11-29 11:26:17 +00:00
James Munnelly
08882e5fc2 Wrap missing secret data errors with Invalid
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-29 01:18:43 +00:00