cert-manager

Author	SHA1	Message	Date
joshvanl	5019aaacfc	Update SecretTemplate API comments to highlight that annotations are appended to base annotations Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-17 11:40:13 +00:00
joshvanl	38084fb719	Update secret manager to include additional output formats Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-17 11:40:12 +00:00
joshvanl	b6e499a317	Fix comment and add comment about forcing apply Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-17 11:24:45 +00:00
joshvanl	196d0011ca	Remove SecretTemplate controller and move logic into issuing controller Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-17 11:24:45 +00:00
joshvanl	64d78c6e10	Update certificates controller with new secret manager signatures and tests Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-17 11:24:45 +00:00
joshvanl	c5f101525c	Update certificates controller secrets manager since feature gate is removed Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-17 11:24:45 +00:00
joshvanl	86ae0545d2	Update SecretTemplate API comments with new behaviour. Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-17 11:24:45 +00:00
joshvanl	7a4be1edfd	Copy across an existing secret type in secrets manager since that field is immutable. Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-17 11:24:45 +00:00
joshvanl	a56b6a8596	Fix CA injector test to only create a Secret of type `kubernetes.io/tls` since that field is immutable, and shouldn't change from Opaque Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-17 11:24:45 +00:00
joshvanl	95ee9ee031	Force apply secrets manager if a field has a conflict with the owner Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-17 11:24:45 +00:00
joshvanl	5660b80888	Gix golang references to feature gate package Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-17 11:24:45 +00:00
joshvanl	d6fb5138f2	Re-add crd-certificates.yaml Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-17 11:24:45 +00:00
joshvanl	af360ee9b3	Fix some test func names and some comments. Replaces DeDuplicate in SecretTemplate controller to use sets.Strings. Removes DeDuplicate func Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-17 11:24:45 +00:00
joshvanl	ebc4cba48c	Make secretsmanager if statement blocks prettier Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-17 11:24:45 +00:00
joshvanl	54c00afb13	Fix comments in secretsmanager Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-17 11:24:45 +00:00
joshvanl	957bc0a081	Create InitWithRESTConfig() in controller test context builder to not change existing Init() consumers Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-17 11:24:45 +00:00
joshvanl	760254848b	Make RestConfig nil in acmechallenges sync_test.go Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-17 11:24:45 +00:00
joshvanl	8b501d7d54	Also don't reconcile Certificates in SecretTemplate controller if Issuing=True Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-17 11:24:45 +00:00
joshvanl	43c72dd490	Update Certificates SecretTemplate API comments Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-17 11:24:45 +00:00
joshvanl	1319f2a5fb	Adds the certificates SecretTemplate controller to reconcile ready Certificate's Secrets on SecretTemplate changes Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-17 11:24:45 +00:00
joshvanl	de4522d883	Update certificates secret manager to Apply managed fields when the apply feature is enabled Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-17 11:24:45 +00:00
joshvanl	e3141f9ad1	Adds PrefixForUserAgent and DeDuplicate util functions Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-17 11:24:45 +00:00
joshvanl	685dd79c0c	Makes some minor API naming changes, and clears up some docs around the Certifcate's additional output formats. Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-14 20:00:26 +00:00
Thierry Sallé	7f8641dd94	[additionalOutputFormats] Update comments and add more tests Signed-off-by: Thierry Sallé <seuf76@gmail.com>	2022-01-14 11:10:32 +01:00
Thierry	81f308221b	Add certifcate additionalOutputFormats parameter DER Format to create key.der binary format of the private key. CombinedPEM Format to create tls-combined.pem containing tls.key + tls.crt. Added Unit and e2e tests for secret with Additional output format. Feature flag AdditionalCertificateOutputFormats to enable feature. Signed-off-by: Thierry Sallé <seuf76@gmail.com>	2022-01-14 11:10:32 +01:00
jetstack-bot	f1813d0368	Merge pull request #4730 from SgtCoDFish/movednstest move RFC2136 DNS01 tests to test/integration	2022-01-13 11:10:04 +00:00
jetstack-bot	4d5058a92e	Merge pull request #4728 from SgtCoDFish/moveversionchecker Move versionchecker tests to test/integration	2022-01-13 10:18:36 +00:00
Ashley Davis	92f78e8f8d	move RFC2136 DNS01 tests to test/integration Since this test requires setup before it can successfully run, we define it as an integration test and move it here so that on a fresh checkout a user can always run `go test ./pkg/...` and expect that it would succeed. Also: - tweaks some comments - adds methods for getting nameserver / tsig algorithm from DNSProvider Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-01-12 16:00:10 +00:00
Ashley Davis	93f868b3bc	move versionchecker tests to test/integration Since this test requires setup before it can successfully run, we define it as an integration test and move it here so that on a fresh checkout a user can always run `go test ./pkg/...` and expect that it would succeed. Also involves: - Exporting the VersionChecker and adding NewWithConfig to enable testing - Some comment changes - A change to the type returned by New(); see https://github.com/golang/go/wiki/CodeReviewComments#interfaces Ideally I'd not add `NewFromClient` but I think it's the most minimal change and is preferable to publicly exporting `VersionChecker.client`. Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-01-12 14:21:53 +00:00
jetstack-bot	778be75841	Merge pull request #4697 from irbekrm/valid_orders_update Don't fail an order that has been finalized, but the status has not been synced to Order CR	2022-01-12 08:10:03 +00:00
irbekrm	e7cc37ef71	Code review feedback Signed-off-by: irbekrm <irbekrm@gmail.com> Co-authored-by: Maël Valais <mael@vls.dev>	2022-01-11 18:09:44 +00:00
jetstack-bot	fa321b6a4b	Merge pull request #4287 from linka-cloud/acme-http-challenge-cutomer-dns Acme http challenge custom dns	2022-01-11 11:24:03 +00:00
irbekrm	24866544b8	Ensures that if alternate cert chain is specified, it is retrieved Ensures that if the cert is retrieved in a reconcile following the one that finalized the ACME order, the alternate cert chain is still respected, if specified by user Signed-off-by: irbekrm <irbekrm@gmail.com>	2022-01-11 10:51:14 +00:00
irbekrm	de8aa2583e	Ensures that ACME orders controller does not create new order if it failed to update old order's status to valid Check the status of the ACME order if finalizing order failed to catch edge cases where the order is already finalized, but the updating of Order CR's status has failed Signed-off-by: irbekrm <irbekrm@gmail.com>	2022-01-11 10:51:14 +00:00
jetstack-bot	2e465fbf34	Merge pull request #4628 from irbekrm/sync_cleanup Order sync cleanup	2022-01-10 20:27:04 +00:00
jetstack-bot	c68e78c510	Merge pull request #4702 from devholic/fix-multiple-dns-provider Install APIGroup once for multiple DNS providers	2022-01-10 11:25:04 +00:00
Sunghoon Kang	47d07e85de	Add test for creating ChallengeServer with solvers Signed-off-by: Sunghoon Kang <hoon@linecorp.com>	2022-01-08 22:55:21 +09:00
Adphi	a131eda198	acme-http: add reachability tests Signed-off-by: Adphi <philippe.adrien.nousse@gmail.com>	2022-01-08 12:37:41 +01:00
James Munnelly	ea2d04e2c0	Add webhook-specific 'feature' package and wire it up through config Signed-off-by: James Munnelly <jmunnelly@apple.com>	2022-01-07 12:17:38 +00:00
James Munnelly	9c04a04c7c	Move feature package into internal/controller Signed-off-by: James Munnelly <jmunnelly@apple.com>	2022-01-07 12:17:36 +00:00
Adphi	0f9b47b4f0	acme-http: use Go built-in resolver Signed-off-by: Adphi <philippe.adrien.nousse@gmail.com>	2022-01-06 22:34:05 +01:00
Adphi	c9bc776b49	acme-http: fix tests Signed-off-by: Adphi <philippe.adrien.nousse@gmail.com>	2022-01-06 21:37:04 +01:00
Adphi	498c496053	acme-http: fix bazel Signed-off-by: Adphi <philippe.adrien.nousse@gmail.com>	2022-01-06 21:02:51 +01:00
Adphi	3375fa0609	http01: add custom nameservers support (#4286 ) Signed-off-by: Adphi <philippe.adrien.nousse@gmail.com>	2022-01-06 21:02:46 +01:00
James Munnelly	8ff84e8b70	Re-organise and extend path loading logic to make it easier to run integration tests using Delve/GoLand Signed-off-by: James Munnelly <jmunnelly@apple.com>	2022-01-06 15:22:39 +00:00
jetstack-bot	97c4b7b8d3	Merge pull request #4705 from SgtCoDFish/goimports Three small goimports fixes against current HEAD	2022-01-04 17:40:31 +00:00
Ashley Davis	727e29a747	three small goimports fixes against current HEAD rather than using the default suggested `v1` names for some imports, we use more descriptive names Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-01-04 16:05:42 +00:00
jetstack-bot	019d64edcf	Merge pull request #4688 from irbekrm/renew_failed Fixes a bug where a previous failed CertificateRequest was picked up during next issuance	2022-01-04 15:08:31 +00:00
irbekrm	0a4617e582	Fix staticcheck error Signed-off-by: irbekrm <irbekrm@gmail.com>	2022-01-04 10:11:04 +00:00
Sunghoon Kang	bfe3210ccc	Install APIGroup once for multiple DNS providers If we register multiple DNS providers while running the webhook server, it will cause an unexpected exit with 'WebService with duplicate root path detected' error. This issue happens because the root path of each DNS provider is equal since they share the group name. This commit installs APIGroup once for multiple DNS providers by extracting apiGroupInfo variable and InstallAPIGroup call from solver (DNS provider) loop in ChallengeServer constructor. Signed-off-by: Sunghoon Kang <hoon@linecorp.com>	2022-01-04 00:50:23 +09:00

1 2 3 4 5 ...

2737 Commits