cert-manager

Author	SHA1	Message	Date
Tim Ramlot	a8b5178fc5	fix dupword linter Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-04-29 13:47:25 +02:00
Tim Ramlot	bdb8f6d70c	fix tagalign linter Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-04-29 13:47:25 +02:00
Erik Godding Boye	003c1b12e8	Promote AdditionalCertificateOutputFormats feature gate to Beta and enable by default Signed-off-by: Erik Godding Boye <egboye@gmail.com>	2024-04-28 17:29:35 +02:00
Adam Talbot	a7f089b64c	feat: graduate gateway-api to beta and enable by default Signed-off-by: Adam Talbot <adam.talbot@venafi.com>	2024-04-25 17:05:58 +01:00
Youngjun	237dfd9f0d	refectoring: remove unnecessary code Signed-off-by: Youngjun <yj.yoo@okestro.com>	2024-04-22 14:24:59 +09:00
Mangesh Hambarde	f3bfc93bba	JSON encoded secretTemplate as Ingress annotation Signed-off-by: Mangesh Hambarde <1411192+mangeshhambarde@users.noreply.github.com>	2024-03-13 14:37:28 +00:00
Mangesh Hambarde	efe2e06288	New Ingress annotation for copying custom annotations to secret template Signed-off-by: Mangesh Hambarde <1411192+mangeshhambarde@users.noreply.github.com>	2024-03-13 14:18:21 +00:00
Bill Waldrep	d4911ebfaa	Add optional flag to specify jks keystore alias. Previously the JKS keystore alias was hardcoded to "certificate". This change adds an optional configuration point to allow users to specify a custom keystore alias. If the flag is omitted we will default to the previous behavior. Signed-off-by: Bill Waldrep <bwaldrep@palantir.com>	2024-03-04 13:23:09 -05:00
Diego Arce	83e0f95e58	fix: SecretName description for DynamicServingConfig Signed-off-by: Diego Arce <diego@arce.cr>	2024-02-21 23:12:43 -06:00
jetstack-bot	f643eef2b2	Merge pull request #6755 from import-shiburin/master bugfix: wrong certificate chain is used if preferredChain is configured	2024-02-20 15:29:07 +00:00
Tim Ramlot	0ed660873e	fix incorrect comments and error messages Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-02-16 19:49:28 +01:00
jetstack-bot	7f92e38988	Merge pull request #6614 from rodrigorfk/feat-vault-mtls feat: Add the ability to communicate with Vault via mTLS	2024-02-16 18:11:26 +00:00
cloudwiz	75d1449903	move audiences under the SA ref Signed-off-by: cloudwiz <andrey.dubnik@maersk.com>	2024-02-08 14:07:03 +00:00
cloudwiz	624f874d69	updated spelling and generated CRDs Signed-off-by: cloudwiz <andrey.dubnik@maersk.com>	2024-02-06 15:06:31 +00:00
cloudwiz	9cf9cb7ea5	Vault extra audiences (#3 ) --------- Signed-off-by: cloudwiz <andrey.dubnik@maersk.com>	2024-02-06 10:06:17 +00:00
Rodrigo Fior Kuntzer	199c98689f	feat: supporting Vault server mTLS Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com>	2024-01-15 09:25:30 -03:00
Tim Ramlot	67f8a03cae	update AzureDNS auth API comments Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-01-12 12:07:02 +01:00
jetstack-bot	a1c134e78c	Merge pull request #6574 from ThatsMrTalbot/tls-metrics-endpoint feat: add tls to metrics endpoint	2024-01-10 14:48:17 +00:00
Adam Talbot	d27fcc2762	refactor: refactored metrics server code into internal package Signed-off-by: Adam Talbot <adam.talbot@venafi.com>	2024-01-04 15:49:25 +00:00
Tim Ramlot	41404a7fd7	rename UseCertificateRequestNameConstraints to NameConstraints Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-01-03 15:49:18 +01:00
jetstack-bot	cc8925ae9f	Merge pull request #6404 from SpectralHiss/hef/otherNameSANs Other name sans support in Certificates	2024-01-03 14:16:23 +00:00
jetstack-bot	4af78fe98a	Merge pull request #6548 from snorwin/modern-pkcs12 New option to specify encryption and MAC algorithms for PKCS#12 keystores.	2024-01-03 12:54:22 +00:00
Tim Ramlot	8223df9e91	rename Algorithms to Profile Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-01-03 13:45:02 +01:00
Adam Talbot	ae143c15f6	feat: add tls to metrics endpoint Signed-off-by: Adam Talbot <adam.talbot@venafi.com>	2023-12-27 17:15:00 +00:00
Tim Ramlot	24794feac0	update API comments Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-12-20 11:26:52 +01:00
SpectralHiss	e7f29f8bb3	UTF8Value -> utf8Value in CRD JSON schema * Still following Go standard with UTF8Value for struct field name Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>	2023-12-20 08:30:54 +00:00
Adam Talbot	247a034116	feat: update gateway api to v1 Signed-off-by: Adam Talbot <adam.talbot@venafi.com>	2023-12-18 21:00:42 +00:00
Norwin Schnyder	ebf58b9967	apply PR feedback Signed-off-by: Norwin Schnyder <norwin.schnyder+github@gmail.com>	2023-12-15 10:52:57 +01:00
Allen Mun	9b09aa87a7	Add flag and field to customize leaf duration on dynamic certificates Signed-off-by: Allen Mun <allen.mun@capitalone.com>	2023-12-13 15:45:52 -05:00
SpectralHiss	95b9345a5d	Make UTF8Value godoc comment more clear Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>	2023-12-13 17:05:12 +00:00
SpectralHiss	4bdee5f010	Rename otherNameSANs to otherNames * Improve the CRD godoc comments Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>	2023-12-13 16:21:56 +00:00
Norwin Schnyder	b8ad8a3704	apply PR feedback Signed-off-by: Norwin Schnyder <norwin.schnyder+github@gmail.com>	2023-12-13 12:00:39 +00:00
Tim Ramlot	721f71ed60	Refactor the solution Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-12-13 09:37:21 +00:00
Tim Ramlot	bfd9a65160	Add OtherNameSANs field to Certificates * Added an otherName SAN extension mechanism * Can take any otherName OID with String (UTF-8) like value * cf [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) p 37 for more info * otherName is only a subset of GeneralName, our specific need for for UserPrincipalName used in Microsoft AD/ LDAP * We treat UPN special but we might remove this in a later commit Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>	2023-12-13 09:12:23 +00:00
Norwin Schnyder	b79e73f484	fix controller-gen errors Signed-off-by: Norwin Schnyder <norwin.schnyder+github@gmail.com>	2023-12-12 18:25:15 +01:00
Norwin Schnyder	b8f4f3b518	pkcs12 encoding with different algorithms Signed-off-by: Norwin Schnyder <norwin.schnyder+github@gmail.com>	2023-12-12 14:27:00 +00:00
tanujd11	a29a5913d0	addressed review comments Signed-off-by: tanujd11 <dwiveditanuj41@gmail.com>	2023-12-07 23:42:35 +05:30
tanujd11	28ca4312b3	fix: additional review comments Signed-off-by: tanujd11 <dwiveditanuj41@gmail.com>	2023-12-07 22:30:31 +05:30
tanujd11	84d7dd4aed	Addressed review comments Signed-off-by: tanujd11 <dwiveditanuj41@gmail.com>	2023-12-07 22:30:31 +05:30
tanujd11	d1b3e5ca83	Move critical from NameConstraintItem to NameConstraint and remove validateNameConstraints Signed-off-by: tanujd11 <dwiveditanuj41@gmail.com>	2023-12-07 22:30:29 +05:30
tanujd11	adb9311f56	validate name constraint before signing CSR Signed-off-by: tanujd11 <dwiveditanuj41@gmail.com>	2023-12-07 22:29:45 +05:30
tanujd11	50d84c1bbc	nits: added new line at EOF and comment fix Signed-off-by: tanujd11 <dwiveditanuj41@gmail.com>	2023-12-07 22:27:42 +05:30
tanujd11	589030dec1	feature: added name constraints Signed-off-by: tanujd11 <dwiveditanuj41@gmail.com>	2023-12-07 22:27:31 +05:30
Jeremy Campbell	dc876fef16	Add x509 v3 CA Issuers Extension Signed-off-by: Jeremy Campbell <jeremy.campbell@okta.com>	2023-11-16 12:45:16 -06:00
Tim Ramlot	e5f50002e1	introduce configfile for cainjector options Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-09-28 12:56:11 +02:00
Tim Ramlot	b98043f6b8	apply review suggestions Co-authored-by: Maël Valais <mael@vls.dev> Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-09-01 12:20:00 +02:00
Tim Ramlot	7c2b4adee7	Rewrite comments in cert-manager API Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-09-01 12:19:35 +02:00
Tim Ramlot	31b5ed6620	Make webhook Logging options configurable using configfile. Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-08-17 12:00:50 +02:00
Tim Ramlot	e8b5b2e354	Fix bug in ControllerConfiguration's defaulting of logging config, where config would not be correctly defaulted in case a partial logging configuration is provided. Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-08-17 11:19:16 +02:00
Tim Ramlot	db1fcdabb1	add comment explaining port 0 behavior Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-08-16 11:08:36 +02:00

1 2 3 4 5 ...

644 Commits