weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
6,226 Commits 45 Branches 0 Tags 96 MiB
4afe2f00a8
Commit Graph

262 Commits

Author SHA1 Message Date
Igor Zibarev
f9ceb8a73e Fix some lint issues regarding comments 
References issue #4457

Signed-off-by: Igor Zibarev <zibarev.i@gmail.com>
 2021-11-02 13:57:20 +03:00
Eng Zer Jun
54e70d2cc4
refactor: move from io/ioutil to io and os package 
The io/ioutil package has been deprecated in Go 1.16. This commit
replaces the existing io/ioutil functions with their new definitions in
io and os packages.

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
 2021-08-23 19:50:42 +08:00
irbekrm
831b87898f Explicitly set Venafi Cloud e2e tests to use v2 endpoint 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-08-18 12:52:05 +01:00
Inteon
ef31a2ea08
cleanup & better error debug printing 
Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>
 2021-08-06 17:31:58 +02:00
jetstack-bot
8d0c228a1f
Merge pull request #4298 from inteon/fix_test_flake 
Improve certificate condition checking and error logging
 2021-08-05 09:43:39 +01:00
Inteon
66820ed03e
resolve bugs 
Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>
 2021-08-04 18:50:29 +02:00
Inteon
7bf6bf93bf
cleanup test functions 
Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>
 2021-08-04 15:11:30 +02:00
Inteon
2d2bde57c0
improved certificate condition checking and error logging 
Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>
 2021-08-03 23:00:42 +02:00
Jake Sanders
b19bdff66b
Tidy certificate test suites 
Signed-off-by: Jake Sanders <i@am.so-aweso.me>
 2021-08-02 14:53:15 +01:00
Jake Sanders
90e4324c7a
e2e tests for Gateway HTTP01 Solver 
Signed-off-by: Jake Sanders <i@am.so-aweso.me>
 2021-08-02 14:12:30 +01:00
jetstack-bot
94d854c525
Merge pull request #4244 from RinkiyaKeDad/new_featureset 
adding a new feature set for Public ACME servers
 2021-08-02 12:57:06 +01:00
Arsh Sharma
2baaea339f created a fs for long domain 
Signed-off-by: Arsh Sharma <arshsharma461@gmail.com>
 2021-07-27 19:13:19 +05:30
Arsh Sharma
83f80691c7 changes from pair programming session 22nd July 
Signed-off-by: Arsh Sharma <arshsharma461@gmail.com>
 2021-07-22 17:18:22 +05:30
Inteon
c377e0e0cd
add comments 
Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>
 2021-07-22 13:08:11 +02:00
Inteon
ac677964c1
resolve test flakes 'the object has been modified' 
Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>
 2021-07-22 10:10:39 +02:00
Ashley Davis
31360580f0
Merge pull request #4232 from SgtCoDFish/cabasicconstraint_e2e 
CA Basic Constraint checks in e2e tests
 2021-07-21 14:10:03 +01:00
Ashley Davis
05b31e96f2
add conformance suite check for issuing CA certificates 
this is disabled for all issuers except selfsigned and CA. the intention
is to pave the way for adding maxPathLen support later.

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2021-07-20 12:09:17 +01:00
Ashley Davis
6b5df6b42b
remove unused ValidateIssuedCertificate function 
this function doesn't appear to be used anywhere, which makes it a
little confusing when trying to work out how the checks are done in the
e2e tests.

given that we encourage people not to import cert-manager as a module
and that anyone who does is likely not to use functions in the test
directory, it seems safe enough to remove this rather than deprecating
it.

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2021-07-20 12:08:06 +01:00
Ashley Davis
24baa7e526
minor code style / comment changes in test files 
Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2021-07-19 17:19:13 +01:00
joshvanl
ff2dfd7b64 Moves venafi addon into the framework addons package 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-07-19 15:50:23 +01:00
Maël Valais
1cd44fa730 gateway-shim: conformance: a cert should get created for a Gateway 
Signed-off-by: Maël Valais <mael@vls.dev>
 2021-07-15 20:34:50 +02:00
jetstack-bot
75d91bcb29
Merge pull request #4103 from JoshVanL/certificate-signing-request=vault 
CertificateSigningRequest Vault controller
 2021-07-02 13:33:37 +01:00
joshvanl
943f9abdb1 Minor comment and error message changes 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-06-30 18:09:32 +01:00
Inteon
fd20a0584a
Add explicit WithObservedGeneration versions of the Wait and Condition functions 
Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>
 2021-06-29 15:48:13 +02:00
Inteon
879108d9e4
deduplicate logic in CertificateHasCondition, WaitForCertificateReady & add WaitForCertificateReadyUpdate for testing Certificate update operations 
Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>
 2021-06-29 14:16:30 +02:00
Inteon
6ceaf6d4bd
deduplicate subdomain name generation logic in tests 
Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>
 2021-06-29 12:29:45 +02:00
joshvanl
f054611b32 Change vault policy string to not require escaping 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-06-29 10:41:03 +01:00
joshvanl
680c4f4a41 Fix vault setup in e2e by reverting ttl duration 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-06-29 10:41:03 +01:00
joshvanl
a6a394236b Revert Vault e2e ttl setting, and make Ed keys an unsupported feature 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-06-29 10:41:03 +01:00
joshvanl
889e7b9c50 Revert e2e vault setup to use original max certificate TTL, and fix 
custom app role auth path in CSR tests

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-06-29 10:41:03 +01:00
joshvanl
aac1f24450 Expands CSR validation to allow not checking CA as the Root 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-06-29 10:37:46 +01:00
joshvanl
2c193f9f60 Changes Vault e2e addon to enable Kubernetes Auth signing and make roles 
ready for ClusterIssuer testing

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-06-29 09:11:43 +01:00
joshvanl
7e8bf731b2 Remove the experimental.cert-manager.io/ca annotation from the 
CertificateSigningRequest

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-06-25 16:02:37 +01:00
jetstack-bot
1f602cfcd4
Merge pull request #4110 from RinkiyaKeDad/add_flags_for_acme_test 
adding flags for config in the acme issuer tests
 2021-06-18 14:56:23 +01:00
Arsh Sharma
2629d5976d combined into one struct 
Signed-off-by: Arsh Sharma <arshsharma461@gmail.com>
 2021-06-18 16:57:07 +05:30
joshvanl
b3804bb162 Cleans up CSR E2E validation functions, allow 30s duration fuzz, allow 
common name copy to DNS names, spelling

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-06-18 12:20:43 +01:00
RinkiyaKeDad
607ea9c1cd initial commit 
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
 2021-06-17 12:08:02 +05:30
joshvanl
b35a9170b7 Fix ecdsa public CSR key validation 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-06-16 10:43:49 +01:00
joshvanl
f92bdeaa80 Adds Ed25519 tests to CertificateSigningRequest conformance tests 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-06-15 18:34:08 +01:00
joshvanl
6736a2d82c Adds missing validation functions to the default 
CertificateSigningRequest e2e conformance tests

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-06-15 17:58:34 +01:00
joshvanl
a0f0d85f5f Remove unused CertificateSigningRequest helper functions 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-06-15 17:58:34 +01:00
joshvanl
82e2b4e078 Refactor all validations into validations package 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-06-15 17:58:34 +01:00
joshvanl
159c8ca760 Move featureset into separate helper package 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-06-15 17:58:34 +01:00
joshvanl
40bcbdd3e9 Adds CertificateSigningRequest e2e validation functions 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-06-15 17:58:34 +01:00
Anner J. Bonilla
9546a357a5
Add support for certificates with ed25519 private keys 
Note that using ed25519 on the public internet is not currently
recommended, since it's not widely supported. You'd likely not be able
to use an Ed25519 cert with an ACME issuer today.

Ed25519 certs might be useful for internal PKI, though - an ed25519 CA
issuer, say - or for testing ed25519 certs before they become more
widely available on the public internet. They're not currently
supported by Vault, Venafi or ACME (Letsencrypt) issuers.

Signed-off-by: Anner J. Bonilla <abonilla@hoyosintegrity.com>
Signed-off-by: Anner J. Bonilla <annerjb@gmail.com>
Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2021-06-14 11:17:35 +01:00
jetstack-bot
3242b83b12
Merge pull request #4081 from JoshVanL/certificate-signing-request-ca-e2e 
Certificate Signing Request CA e2e
 2021-06-09 13:13:30 +01:00
joshvanl
9ef5fef3a1 Changes kube CSR CA e2e tests to be more readable and improve validation 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-06-09 11:36:21 +01:00
joshvanl
5a64222475 Adds CA Issuer CertificateSigningRequest e2e test 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-06-07 15:32:54 +01:00
RinkiyaKeDad
438a0fff13 removed nil line 
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
 2021-06-04 13:10:04 +05:30
RinkiyaKeDad
662bc5030c removed more stuff 
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
 2021-06-03 12:37:27 +05:30