weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
698 Commits 45 Branches 0 Tags 96 MiB
47465d645b
Commit Graph

295 Commits

Author SHA1 Message Date
James Munnelly
47465d645b Use item based exponential backoff rate limiter 2018-04-09 18:33:36 +01:00
James Munnelly
ae3b4836b5 Clean up successful validations. Fix up failed validation handling. 2018-04-09 18:16:02 +01:00
James Munnelly
99d7a7b99a Fix ACME DNS provider unit tests 2018-04-09 17:57:33 +01:00
James Munnelly
32cab11676 Fix rebase issues 2018-04-09 17:18:34 +01:00
James Munnelly
6f974ee5ad Run hack/update-codegen.sh 2018-04-09 17:17:01 +01:00
James Munnelly
b934852775 Merge branch 'master' into acmev2 2018-04-09 16:52:34 +01:00
James Munnelly
f1b3b4b962 Update CA issuer witih changes to UpdateStatusCondition 2018-04-09 15:43:26 +01:00
James Munnelly
4b361348ef Rewrite ACME issuer to use new ACMEOrderChallenge struct 2018-04-09 15:40:32 +01:00
James Munnelly
d3706ae33c Add ACMEOrderChallenge struct 2018-04-09 15:39:43 +01:00
James Munnelly
3bde815cf2 Update DNS and HTTP provider to use challenge structs 2018-04-09 15:38:43 +01:00
jetstack-bot
9021767cb7
Merge pull request #432 from euank/jetstack/user-agent 
Plumb a user-agent through pretty much everywhere
 2018-04-09 11:14:31 +01:00
jetstack-bot
8d80bb7492
Merge pull request #433 from kragniz/remove-namespace-flag 
Remove --namespace flag
 2018-04-09 11:14:25 +01:00
Euan Kemp
6b4e33a483 util/useragent: use more verbose version 2018-04-06 18:09:52 -07:00
Euan Kemp
4e5a2d1646 issuer/dns/route53: append our user-agent 2018-04-06 18:09:17 -07:00
Euan Kemp
9c3b4e83b4 pkg/util/kube: set user-agent 
This should make it slightly easier to filter api-server logs for
cert-manager activity
 2018-04-06 18:09:17 -07:00
Euan Kemp
4d9b0e836e issuer/dns/akamai: set user-agent 2018-04-06 18:09:17 -07:00
Euan Kemp
34391f0726 issuer/dns/cloudflare: set user-agent 2018-04-06 18:09:17 -07:00
Euan Kemp
f122c9c9c2 issuer/acme: add a timeout to the http client 2018-04-06 18:09:17 -07:00
Euan Kemp
7f12fb346c issuer/acme: move 'user-agent' logic to util 
This logic should be shared by things like the aws client as well.
 2018-04-06 18:09:11 -07:00
Louis Taylor
0961e24174
Remove namespace from more places 2018-04-06 11:20:24 +01:00
jetstack-bot
7f04c1cd6e
Merge pull request #388 from kragniz/secret-annotations 
Annotate created secrets with cert information
 2018-04-06 10:44:28 +01:00
James Munnelly
76f9f14357 Add TODO about cleaning up old authorization attempts 2018-04-05 00:17:03 +01:00
James Munnelly
838be2f54d Add getOrCreateOrder tests 2018-04-04 23:41:14 +01:00
James Munnelly
178a3a5eea Fix up bugs in unit testing framework 2018-04-04 23:40:44 +01:00
James Munnelly
b866b8cdf4 Fix bug in EqualUnsorted when comparing lists of the same length 2018-04-04 23:40:08 +01:00
James Munnelly
8d3c2f2b25 Create 'getOrCreateOrder' function 2018-04-04 23:39:34 +01:00
James Munnelly
fde0a0010c Add missing GetOrder function to FakeACME 2018-04-04 23:38:19 +01:00
James Munnelly
211c60b449 Fix panic when an error occurs while creating an order 2018-04-04 23:38:03 +01:00
James Munnelly
f2ddd1d111 Change DNSNames/CommonNameForCertificate function to not return an error 2018-04-04 23:37:37 +01:00
jetstack-bot
acfc2f78d1
Merge pull request #322 from yieldlab/akamai-support 
Add ACME DNS-01 provider for Akamai FastDNS
 2018-04-04 18:26:22 +01:00
James Munnelly
6f71a8de57 Update comments 2018-04-04 18:16:01 +01:00
James Munnelly
7e663971fd Fix typo 2018-04-04 17:39:11 +01:00
James Munnelly
e87ff94458 Fix import paths and use util.AppVersion for user agent version 2018-04-04 12:42:21 +01:00
James Munnelly
798a07b0c8 Set a custom User-Agent on acme client 2018-04-04 12:39:44 +01:00
James Munnelly
da0d45e3f4 Use DialContext in ACMEClient round tripper 2018-04-04 12:30:33 +01:00
James Munnelly
bd58bd8bc6 Fix acme test fixture 2018-04-04 11:32:06 +01:00
James Munnelly
b0e65f84c7 Add TODO for domain label values 2018-04-04 11:30:15 +01:00
James Munnelly
01efbca114 Merge branch 'master' into acmev2 2018-04-04 11:27:37 +01:00
Jacob Hoffman-Andrews
8baac71058 Add a meaningful User-Agent. 2018-03-30 14:18:38 -07:00
jetstack-bot
95883c47dd
Merge pull request #363 from euank/nonstatic-aws-creds 
Allow non-static AWS credentials for Route 53, gated by "ambient credentials" flags
 2018-03-26 12:35:18 +01:00
jetstack-bot
977b038d2b
Merge pull request #408 from kragniz/resource-limits 
Add limits to http validation pod
 2018-03-26 10:47:51 +01:00
Euan Kemp
faac0701ab issuer/route53: respect 'ambient' flag for region 
This notably results in the region being a required field if the
'ambient' option is not set for a given issuer.
 2018-03-24 14:16:33 -07:00
Louis Taylor
e8d6861d31
Increase memory limits 2018-03-24 00:24:51 +00:00
Euan Kemp
dd48f4aa05 issuer/acme/dns: add ambient=false unit test 2018-03-23 14:30:43 -07:00
Euan Kemp
971ef4f198 issuer/route53: remove unused integ test 
I'm convinced this test was never run and also did not provide any
significant value in this project.
 2018-03-23 14:30:43 -07:00
Euan Kemp
0d39da5174 issuer/route53: improve logging hosted zone errs 2018-03-23 14:30:43 -07:00
Euan Kemp
0fb787eae7 controller: add ambient issuer flags and feature 
This implements ambient credential support for AWS, gated behind flags
for issuers and cluster issuers.

This adds the pair of flags discussed in
https://github.com/jetstack/cert-manager/issues/308.

It provides an implementation for those flag's effects for the route53
solver.
 2018-03-23 14:30:43 -07:00
Euan Kemp
0e6ca80a70 issuer/route53: remove zone-id env test 
The zone id is never read from the environment; this test tests
functionality which doesn't exist in the actual software, so there's no
point in having it.
 2018-03-23 14:30:43 -07:00
Matt Moyer
14c109af46 Drop unused NewDNSProvider() method. 
Signed-off-by: Matt Moyer <moyer@heptio.com>
 2018-03-23 14:30:42 -07:00
Matt Moyer
1236a93d1e Allow non-static AWS credentials for Route 53. 
This change maintains backwards compatibility, but makes the `accessKeyID` and `secretAccessKeySecretRef` fields of the `route53` DNS provider optional.
If not provided, AWS credentials will be loaded from `AWS_*` environment variables or the EC2 metadata service.
This should also work for things that impersonate the EC2 metadata service, such as [kube2iam](https://github.com/jtblin/kube2iam) and [kail](https://github.com/uswitch/kiam).

Signed-off-by: Matt Moyer <moyer@heptio.com>
 2018-03-23 14:30:42 -07:00