cert-manager

Author	SHA1	Message	Date
Richard Wall	4cec43bf93	Add metrics server to the cainjector Signed-off-by: Richard Wall <richard.wall@venafi.com>	2024-07-23 12:35:50 +01:00
Richard Wall	e21a57a88c	Enable metrics server on the webhook Signed-off-by: Richard Wall <richard.wall@venafi.com>	2024-07-19 17:04:52 +01:00
Yuedong Wu	df37eba376	fix API fields description for venafi tpp Signed-off-by: Yuedong Wu <dwcn22@outlook.com>	2024-07-01 20:55:51 +08:00
cert-manager-prow[bot]	50abeda40d	Merge pull request #6987 from cbroglie/renew-before-pct feat: Add renewBeforePercentage alternative to renewBefore	2024-07-01 09:45:23 +00:00
Christopher Broglie	0f74d7536e	Add renewBeforePercentage alternative to renewBefore Since the actual duration is unknown until a cert has been issued, providing an absolute duration for renewBefore can result in accidental renewal loops. The new renewBeforePercentage field computes the effective renewBefore using the actual duration, allowing users to better express intent while maintaining backwards compatibility. Fixes #4423, resolves #5821 Signed-off-by: Christopher Broglie <cbroglie@cloudflare.com>	2024-06-29 21:18:15 -07:00
cert-manager-prow[bot]	837c6a1e06	Merge pull request #7036 from fidelity-contributions/feature/5514-venafi-issuer-ca-ref-support Feature/5514 - Add SecretRef support for venafi TPP issuer CA Bundle	2024-06-24 14:18:20 +00:00
Tim Ramlot	363a63ac96	Add client certificate authentication for Vault issuers Co-authored-by: Maël Valais <mael@vls.dev> Signed-off-by: Joshua Mühlfort <muehlfort@gonicus.de>	2024-06-17 09:16:26 +02:00
cert-manager-prow[bot]	055f08d67e	Merge pull request #7015 from inteon/support_duration_string Support duration strings in config API	2024-05-17 13:19:52 +00:00
Tim Ramlot	085c63dd9a	apply PR feedback: add kubebuilder annotations Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-05-17 14:20:28 +02:00
Tim Ramlot	e51f4a46db	update CRD field comments Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-05-14 17:49:56 +02:00
Tim Ramlot	60324bcb5e	Add support for duration values in "Go time.ParseDuration" format. Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-05-14 17:31:23 +02:00
cert-manager-prow[bot]	ac287e1f26	Merge pull request #7013 from inteon/deduplicate_shared_config Deduplicate shared config API structs	2024-05-14 14:28:50 +00:00
Tim Ramlot	cfe974b775	deduplicate shared config API structs Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-05-14 09:28:10 +02:00
pwhitehead	35571e014d	refactor to use token request API Signed-off-by: Paul Whitehead <pwhitehead@splunk.com>	2024-05-07 11:11:21 -06:00
Paul Whitehead	528428b31f	support assumeRoleWithWebIdentity for Route53 issuer Signed-off-by: Paul Whitehead <pwhitehead@splunk.com> fix test signature	2024-05-07 11:10:17 -06:00
Tim Ramlot	a8b5178fc5	fix dupword linter Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-04-29 13:47:25 +02:00
Tim Ramlot	bdb8f6d70c	fix tagalign linter Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-04-29 13:47:25 +02:00
Erik Godding Boye	003c1b12e8	Promote AdditionalCertificateOutputFormats feature gate to Beta and enable by default Signed-off-by: Erik Godding Boye <egboye@gmail.com>	2024-04-28 17:29:35 +02:00
Adam Talbot	a7f089b64c	feat: graduate gateway-api to beta and enable by default Signed-off-by: Adam Talbot <adam.talbot@venafi.com>	2024-04-25 17:05:58 +01:00
Sankalp Yengaldas	adc7cd0f06	add testcases and generate deepcopy methods Signed-off-by: Sankalp Yengaldas <sankalp.yb@fmr.com>	2024-04-24 10:14:31 -04:00
Youngjun	237dfd9f0d	refectoring: remove unnecessary code Signed-off-by: Youngjun <yj.yoo@okestro.com>	2024-04-22 14:24:59 +09:00
Mangesh Hambarde	f3bfc93bba	JSON encoded secretTemplate as Ingress annotation Signed-off-by: Mangesh Hambarde <1411192+mangeshhambarde@users.noreply.github.com>	2024-03-13 14:37:28 +00:00
Mangesh Hambarde	efe2e06288	New Ingress annotation for copying custom annotations to secret template Signed-off-by: Mangesh Hambarde <1411192+mangeshhambarde@users.noreply.github.com>	2024-03-13 14:18:21 +00:00
Bill Waldrep	d4911ebfaa	Add optional flag to specify jks keystore alias. Previously the JKS keystore alias was hardcoded to "certificate". This change adds an optional configuration point to allow users to specify a custom keystore alias. If the flag is omitted we will default to the previous behavior. Signed-off-by: Bill Waldrep <bwaldrep@palantir.com>	2024-03-04 13:23:09 -05:00
Diego Arce	83e0f95e58	fix: SecretName description for DynamicServingConfig Signed-off-by: Diego Arce <diego@arce.cr>	2024-02-21 23:12:43 -06:00
jetstack-bot	f643eef2b2	Merge pull request #6755 from import-shiburin/master bugfix: wrong certificate chain is used if preferredChain is configured	2024-02-20 15:29:07 +00:00
Tim Ramlot	0ed660873e	fix incorrect comments and error messages Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-02-16 19:49:28 +01:00
jetstack-bot	7f92e38988	Merge pull request #6614 from rodrigorfk/feat-vault-mtls feat: Add the ability to communicate with Vault via mTLS	2024-02-16 18:11:26 +00:00
cloudwiz	75d1449903	move audiences under the SA ref Signed-off-by: cloudwiz <andrey.dubnik@maersk.com>	2024-02-08 14:07:03 +00:00
cloudwiz	624f874d69	updated spelling and generated CRDs Signed-off-by: cloudwiz <andrey.dubnik@maersk.com>	2024-02-06 15:06:31 +00:00
cloudwiz	9cf9cb7ea5	Vault extra audiences (#3 ) --------- Signed-off-by: cloudwiz <andrey.dubnik@maersk.com>	2024-02-06 10:06:17 +00:00
Rodrigo Fior Kuntzer	199c98689f	feat: supporting Vault server mTLS Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com>	2024-01-15 09:25:30 -03:00
Tim Ramlot	67f8a03cae	update AzureDNS auth API comments Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-01-12 12:07:02 +01:00
jetstack-bot	a1c134e78c	Merge pull request #6574 from ThatsMrTalbot/tls-metrics-endpoint feat: add tls to metrics endpoint	2024-01-10 14:48:17 +00:00
Adam Talbot	d27fcc2762	refactor: refactored metrics server code into internal package Signed-off-by: Adam Talbot <adam.talbot@venafi.com>	2024-01-04 15:49:25 +00:00
Tim Ramlot	41404a7fd7	rename UseCertificateRequestNameConstraints to NameConstraints Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-01-03 15:49:18 +01:00
jetstack-bot	cc8925ae9f	Merge pull request #6404 from SpectralHiss/hef/otherNameSANs Other name sans support in Certificates	2024-01-03 14:16:23 +00:00
jetstack-bot	4af78fe98a	Merge pull request #6548 from snorwin/modern-pkcs12 New option to specify encryption and MAC algorithms for PKCS#12 keystores.	2024-01-03 12:54:22 +00:00
Tim Ramlot	8223df9e91	rename Algorithms to Profile Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-01-03 13:45:02 +01:00
Adam Talbot	ae143c15f6	feat: add tls to metrics endpoint Signed-off-by: Adam Talbot <adam.talbot@venafi.com>	2023-12-27 17:15:00 +00:00
Tim Ramlot	24794feac0	update API comments Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-12-20 11:26:52 +01:00
SpectralHiss	e7f29f8bb3	UTF8Value -> utf8Value in CRD JSON schema * Still following Go standard with UTF8Value for struct field name Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>	2023-12-20 08:30:54 +00:00
Adam Talbot	247a034116	feat: update gateway api to v1 Signed-off-by: Adam Talbot <adam.talbot@venafi.com>	2023-12-18 21:00:42 +00:00
Norwin Schnyder	ebf58b9967	apply PR feedback Signed-off-by: Norwin Schnyder <norwin.schnyder+github@gmail.com>	2023-12-15 10:52:57 +01:00
Allen Mun	9b09aa87a7	Add flag and field to customize leaf duration on dynamic certificates Signed-off-by: Allen Mun <allen.mun@capitalone.com>	2023-12-13 15:45:52 -05:00
SpectralHiss	95b9345a5d	Make UTF8Value godoc comment more clear Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>	2023-12-13 17:05:12 +00:00
SpectralHiss	4bdee5f010	Rename otherNameSANs to otherNames * Improve the CRD godoc comments Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>	2023-12-13 16:21:56 +00:00
Norwin Schnyder	b8ad8a3704	apply PR feedback Signed-off-by: Norwin Schnyder <norwin.schnyder+github@gmail.com>	2023-12-13 12:00:39 +00:00
Tim Ramlot	721f71ed60	Refactor the solution Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-12-13 09:37:21 +00:00
Tim Ramlot	bfd9a65160	Add OtherNameSANs field to Certificates * Added an otherName SAN extension mechanism * Can take any otherName OID with String (UTF-8) like value * cf [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) p 37 for more info * otherName is only a subset of GeneralName, our specific need for for UserPrincipalName used in Microsoft AD/ LDAP * We treat UPN special but we might remove this in a later commit Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>	2023-12-13 09:12:23 +00:00

1 2 3 4 5 ...

660 Commits