cert-manager-prow[bot]
1e0a1ae1aa
Merge pull request #6775 from inteon/support_oid_in_literal_subject
...
LiteralSubject: Add support for numeric OID subject attribute type
2024-05-14 11:24:50 +00:00
cert-manager-prow[bot]
cd2d71f670
Merge pull request #6878 from pwhitehead-splunk/support-assume-role-with-web-identity
...
support assumeRoleWithWebIdentity for Route53 issuer
2024-05-14 09:31:50 +00:00
Tim Ramlot
cfe974b775
deduplicate shared config API structs
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-05-14 09:28:10 +02:00
Paul Whitehead
44f79d6c47
better handling of nil structs
...
Signed-off-by: Paul Whitehead <pwhitehead@splunk.com>
2024-05-13 09:44:12 -06:00
Tim Ramlot
0a45298971
improve tests based on review
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-05-10 20:44:07 +02:00
Tim Ramlot
9d1c959a1e
LiteralSubject: add support for literal oid type values
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-05-10 20:44:07 +02:00
Bartosz Slawianowski
0f6eaa9ab8
Fix lint
...
Signed-off-by: Bartosz Slawianowski <bartosz.slawianowski@natzka.com>
2024-05-10 11:28:28 +02:00
Bartosz Slawianowski
c180fefc9c
Remove unnecessary AWS SDK dependency
...
Signed-off-by: Bartosz Slawianowski <bartosz.slawianowski@natzka.com>
2024-05-10 11:08:43 +02:00
Bartosz Slawianowski
747d88ce66
Rewrite to new Azure SDK
...
Signed-off-by: Bartosz Slawianowski <bartosz.slawianowski@natzka.com>
2024-05-10 11:07:00 +02:00
Bartosz Slawianowski
53f73d5891
Fix error handling and add basic test
...
Signed-off-by: Bartosz Slawianowski <bartosz.slawianowski@natzka.com>
2024-05-10 10:34:31 +02:00
Bartosz Slawianowski
dead7c2211
feat: Support concurrent updates for Azure DNS
...
Signed-off-by: Bartosz Slawianowski <bartosz.slawianowski@natzka.com>
2024-05-10 10:34:30 +02:00
Paul Whitehead
8bed53266e
move token to constant
...
Signed-off-by: Paul Whitehead <pwhitehead@splunk.com>
2024-05-09 15:15:09 -06:00
Tim Ramlot
81232c2fe3
revert in-tree ParseDN function now that upstream ParseDN function has been fixed
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-05-09 21:41:09 +02:00
Tim Ramlot
d0e635fc36
remove deprecated ParseSubjectStringToRawDERBytes function & refactor and move tests
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-05-08 18:05:25 +02:00
Paul Whitehead
910ca56d58
fix golangci linting
...
Signed-off-by: Paul Whitehead <pwhitehead@splunk.com>
2024-05-07 14:00:04 -06:00
pwhitehead
35571e014d
refactor to use token request API
...
Signed-off-by: Paul Whitehead <pwhitehead@splunk.com>
2024-05-07 11:11:21 -06:00
Paul Whitehead
528428b31f
support assumeRoleWithWebIdentity for Route53 issuer
...
Signed-off-by: Paul Whitehead <pwhitehead@splunk.com>
fix test signature
2024-05-07 11:10:17 -06:00
Tim Ramlot
1248be8bba
add contextcheck linter exceptions
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-05-07 12:37:04 +02:00
Tim Ramlot
de54201f69
fix noctx linter
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-05-07 12:19:41 +02:00
Tim Ramlot
52320fbeea
fix contextcheck linter
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-05-07 12:19:41 +02:00
Tim Ramlot
6fc8034870
fix tenv linter
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-30 10:47:21 +02:00
Tim Ramlot
dd4f5f4e39
fix unparam linter
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-30 10:47:21 +02:00
Tim Ramlot
8ea7cbc362
fix forbidigo linter
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-30 10:01:34 +02:00
Tim Ramlot
0306731635
fix asasalint linter
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-29 17:45:07 +02:00
Tim Ramlot
24e47ff364
fix predeclared linter
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-29 17:32:49 +02:00
Tim Ramlot
d6404482e3
fix loggercheck linter
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-29 16:48:59 +02:00
Tim Ramlot
ae98ba806b
fix gocritic linter
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-29 15:50:47 +02:00
Tim Ramlot
8bec192b90
fix unconvert linter
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-29 15:30:30 +02:00
Tim Ramlot
042f59d283
fix unused linter
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-29 15:29:00 +02:00
Tim Ramlot
31eec1f8ab
fix bodyclose linter
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-29 15:26:34 +02:00
Tim Ramlot
085136068a
fix misspell linter
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-29 15:21:07 +02:00
Tim Ramlot
a8b5178fc5
fix dupword linter
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-29 13:47:25 +02:00
Tim Ramlot
bdb8f6d70c
fix tagalign linter
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-29 13:47:25 +02:00
Tim Ramlot
9db044b232
fix gci linter
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-29 13:47:25 +02:00
cert-manager-prow[bot]
54feeece10
Merge pull request #6970 from erikgb/additional-formats-beta
...
Promote AdditionalCertificateOutputFormats feature gate to Beta
2024-04-29 07:42:36 +00:00
Erik Godding Boye
003c1b12e8
Promote AdditionalCertificateOutputFormats feature gate to Beta and enable by default
...
Signed-off-by: Erik Godding Boye <egboye@gmail.com>
2024-04-28 17:29:35 +02:00
Erik Godding Boye
8f99f40cbb
Upgrade K8s dependencies to v0.30.0
...
Signed-off-by: Erik Godding Boye <egboye@gmail.com>
2024-04-28 13:02:36 +02:00
cert-manager-prow[bot]
410b7a6ffb
Merge pull request #6963 from inteon/graduate_DisallowInsecureCSRUsageDefinition
...
Graduate 'DisallowInsecureCSRUsageDefinition' to GA (part 2)
2024-04-26 17:22:35 +00:00
Tim Ramlot
38cd0accdb
graduate 'DisallowInsecureCSRUsageDefinition' to GA
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-26 16:14:31 +02:00
Adam Talbot
a7f089b64c
feat: graduate gateway-api to beta and enable by default
...
Signed-off-by: Adam Talbot <adam.talbot@venafi.com>
2024-04-25 17:05:58 +01:00
Tim Ramlot
20fa3169bf
Merge pull request #6927 from yj-yoo/remove_deprecated_function
...
Graduate 'DisallowInsecureCSRUsageDefinition' to GA
2024-04-24 15:23:42 +01:00
Sankalp Yengaldas
adc7cd0f06
add testcases and generate deepcopy methods
...
Signed-off-by: Sankalp Yengaldas <sankalp.yb@fmr.com>
2024-04-24 10:14:31 -04:00
cert-manager-prow[bot]
2ca75ccc32
Merge pull request #6923 from inteon/fix_dns_test_flake
...
Fix flaky dns test
2024-04-22 14:13:45 +00:00
Youngjun
d2988a906a
refactoring: remove deprecated function
...
- remove deprecated function
- comment update beta to ga (and version)
Signed-off-by: Youngjun <yj.yoo@okestro.com>
2024-04-22 22:57:52 +09:00
Tim Ramlot
0f69abd561
fix flaky dns test, make sure dns server has started before sending requests
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-22 14:54:17 +02:00
Youngjun
237dfd9f0d
refactoring: remove unnecessary code
...
Signed-off-by: Youngjun <yj.yoo@okestro.com>
2024-04-22 14:24:59 +09:00
Tim Ramlot
f5a73a9ead
fix bug in dynamic source
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-19 11:50:39 +02:00
Tim Ramlot
01b298a580
move to Makefile modules
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-10 18:53:40 +02:00
jetstack-bot
d073db1648
Merge pull request #6875 from SgtCoDFish/dodo
...
Limit DigitalOcean records for cleanup to TXT only
2024-04-10 15:31:22 +02:00
jetstack-bot
b61de55abd
Merge pull request #6865 from wallrj/5803-cert-manager-user-agent-venafi-issuer
...
Add user-agent header in requests to Venafi API
2024-03-27 15:33:00 +01:00
Ashley Davis
d17c9cc513
limit DigitalOcean records for cleanup to TXT only
...
Signed-off-by: Ashley Davis <ashley.davis@venafi.com>
2024-03-26 10:27:54 +00:00
deterclosed
e50052aded
chore: remove repetitive words
...
Signed-off-by: deterclosed <fliter@outlook.com>
2024-03-23 13:37:59 +08:00
jetstack-bot
99fc8fb5f8
Merge pull request #6723 from inteon/add_generate_csr_test
...
Add new testcase that generates a non-critical SAN extension to the GenerateCSR tests
2024-03-22 21:51:34 +01:00
Richard Wall
30db9e2ad5
Link to upstream vcert issues that would allow us to simplify the cert-manager code
...
Signed-off-by: Richard Wall <richard.wall@venafi.com>
2024-03-20 14:16:38 +00:00
Richard Wall
dd0762e71b
Refactor the httpClientForVcert function so that it can also be used for Venafi Cloud
...
Signed-off-by: Richard Wall <richard.wall@venafi.com>
2024-03-20 13:19:56 +00:00
Richard Wall
95a347cbc2
Supply tests with a non-nil REST config in controller.Context
...
Signed-off-by: Richard Wall <richard.wall@venafi.com>
2024-03-20 12:21:48 +00:00
Richard Wall
cca333d1db
Supply User-Agent string to the Venafi controllers
...
Signed-off-by: Richard Wall <richard.wall@venafi.com>
2024-03-20 11:35:10 +00:00
Richard Wall
04ee7fe0e9
Set the User-Agent header in all Venafi API requests
...
Signed-off-by: Richard Wall <richard.wall@venafi.com>
2024-03-20 11:02:18 +00:00
Richard Wall
112c7b2e9e
An http.RoundTripper which adds the HTTP User-Agent header to all requests
...
This code existed in cert-manager once before and I'm reviving it.
Here's the history:
* Added: https://github.com/cert-manager/cert-manager/pull/422
* Moved: https://github.com/cert-manager/cert-manager/pull/432
* Obsoleted: https://github.com/cert-manager/cert-manager/pull/797
* Deleted: https://github.com/cert-manager/cert-manager/pull/966
Signed-off-by: Richard Wall <richard.wall@venafi.com>
2024-03-20 10:24:47 +00:00
jetstack-bot
f56fc1ed1a
Merge pull request #6792 from inteon/bugfix_literalsubject
...
bugfix: LiteralSubject match function reports incorrect mismatch
2024-03-15 10:54:01 +01:00
Mangesh Hambarde
f3bfc93bba
JSON encoded secretTemplate as Ingress annotation
...
Signed-off-by: Mangesh Hambarde <1411192+mangeshhambarde@users.noreply.github.com>
2024-03-13 14:37:28 +00:00
Mangesh Hambarde
717269e809
Add tests
...
Signed-off-by: Mangesh Hambarde <1411192+mangeshhambarde@users.noreply.github.com>
2024-03-13 14:18:21 +00:00
Mangesh Hambarde
efe2e06288
New Ingress annotation for copying custom annotations to secret template
...
Signed-off-by: Mangesh Hambarde <1411192+mangeshhambarde@users.noreply.github.com>
2024-03-13 14:18:21 +00:00
Tim Ramlot
9dcb422164
use errors.Is()
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-03-11 19:33:01 +01:00
Tim Ramlot
f4ae942b8e
add test that validates leaderelection behavior
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-03-11 19:22:38 +01:00
Tim Ramlot
b32382fead
improve the dynamic source implementation and add a lot of unit tests
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-03-11 15:10:39 +01:00
Tim Ramlot
23373e4323
correctly initialize loggers, create contexts and pass contexts
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-03-08 14:32:31 +01:00
Bill Waldrep
d4911ebfaa
Add optional flag to specify jks keystore alias.
...
Previously the JKS keystore alias was hardcoded to "certificate".
This change adds an optional configuration point to allow users
to specify a custom keystore alias. If the flag is omitted we
will default to the previous behavior.
Signed-off-by: Bill Waldrep <bwaldrep@palantir.com>
2024-03-04 13:23:09 -05:00
Bill Waldrep
bf3d202c72
add new utility method to clarify cert decoding semantics
...
Signed-off-by: Bill Waldrep <bwaldrep@palantir.com>
2024-03-04 12:47:27 -05:00
Bill Waldrep
251610d951
include full CA chain contents in encoded pkcs12/jks stores
...
Signed-off-by: Bill Waldrep <bwaldrep@palantir.com>
2024-02-28 11:50:19 -05:00
Tim Ramlot
6c6d18d0b8
remove the github.com/pkg/errors as a direct dependency
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-22 19:52:00 +01:00
Tim Ramlot
48759b271c
bugfix: LiteralSubject match function was broken
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-22 15:51:25 +01:00
jetstack-bot
59676d2c63
Merge pull request #6785 from arcezd/fix-cert-manager-docs
...
fix: SecretName description for DynamicServingConfig
2024-02-22 14:46:44 +00:00
jetstack-bot
b65ccfa1b5
Merge pull request #6761 from inteon/add_custom_dn_parse
...
Stop using github.com/go-ldap/ldap/v3 ParseDN and use a custom ParseDN function instead
2024-02-22 12:40:43 +00:00
Diego Arce
83e0f95e58
fix: SecretName description for DynamicServingConfig
...
Signed-off-by: Diego Arce <diego@arce.cr>
2024-02-21 23:12:43 -06:00
Tim Ramlot
8fd62df268
fix broken json logging
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-21 11:27:31 +01:00
jetstack-bot
f643eef2b2
Merge pull request #6755 from import-shiburin/master
...
bugfix: wrong certificate chain is used if preferredChain is configured
2024-02-20 15:29:07 +00:00
Tim Ramlot
b77910d785
change signature of SetCertificateDuration and SetCertificateRenewBefore
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-20 08:40:38 +01:00
Tim Ramlot
ed280d28cd
update test, with new error message
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-20 08:34:53 +01:00
Tim Ramlot
99942446ff
add benchmark
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-20 08:34:53 +01:00
Tim Ramlot
0f078859de
add error case to DNParse tests
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-20 08:34:53 +01:00
Tim Ramlot
a2b3cc81c3
stop using github.com/go-ldap/ldap/v3 ParseDN and use a custom ParseDN function instead
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-20 08:34:53 +01:00
jetstack-bot
d642df3b5f
Merge pull request #6770 from inteon/dn_parse_quick_fix
...
Fix a memory bug in ldap's ParseDN function by disabling part of the functionality
2024-02-19 15:02:30 +00:00
Tim Ramlot
4a8b8c4e09
Fix a memory bug in ldap's ParseDN function by disabling part of the functionality
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-19 12:55:06 +01:00
Yuedong Wu
baa73aa8ee
fix webhook validation error msg
...
and use commonName variable value
Signed-off-by: Yuedong Wu <dwcn22@outlook.com>
2024-02-19 10:16:38 +08:00
Tim Ramlot
0ed660873e
fix incorrect comments and error messages
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-16 19:49:28 +01:00
jetstack-bot
7f92e38988
Merge pull request #6614 from rodrigorfk/feat-vault-mtls
...
feat: Add the ability to communicate with Vault via mTLS
2024-02-16 18:11:26 +00:00
Tim Ramlot
205067b834
update tests to match the current Let's Encrypt setup
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-16 15:23:45 +01:00
Tim Ramlot
672aad41bf
don't call ListCertAlternates if default chain matches the preferred chain
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-16 15:23:22 +01:00
Sam Lee
ff5c4103a0
remove URL verification from alternateCertChain tests
...
Signed-off-by: Sam Lee <me@shibuya-rin.moe>
2024-02-13 22:42:00 +09:00
Sam Lee
94509d0490
changed term 'alt' to 'preferred'
...
Signed-off-by: Sam Lee <me@shibuya-rin.moe>
2024-02-13 22:12:53 +09:00
Sam Lee
b9ac41726c
make getAltCertChain checks only topmost certificate
...
Signed-off-by: Sam Lee <me@shibuya-rin.moe>
2024-02-13 19:10:16 +09:00
Sam Lee
811cc7908e
fix getAltCertChain not considering primary chain as candidate
...
Signed-off-by: Sam Lee <me@shibuya-rin.moe>
2024-02-13 19:10:16 +09:00
Tim Ramlot
23ab96de91
use unstructured.Unstructured in Mutation webhook
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-12 11:11:33 +01:00
Tim Ramlot
b9a216cdfc
Simplify webhook and switch Webhook to controller-runtime.
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-12 10:55:32 +01:00
Tim Ramlot
ffb47e52fa
remove dead & deprecated code from cert-manager codebase
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-10 17:22:23 +01:00
jetstack-bot
c4c0fd3268
Merge pull request #6744 from andrey-dubnik/master
...
Move token audiences under the SA ref for the Vault kubernetes auth
2024-02-09 11:58:18 +00:00
Tim Ramlot
c3b8cbd608
improve comment that explains what removeReqID does and when it fails
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-08 17:20:36 +01:00
Tim Ramlot
06b3cd3372
add testcase for nested errors
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-08 17:15:28 +01:00
Tim Ramlot
deab9548c0
use errors.Is instead of errors.As
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-08 17:15:28 +01:00