cert-manager

Author	SHA1	Message	Date
Tim Ramlot	5ba29272c0	add validation to pki CertificateTemplate function and add support for add DontAllowInsecureCSRUsageDefinition featuregate to use old behavior in controller Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-07-05 13:04:21 +02:00
Luca Comellini	8a5704635a	Bump sigs.k8s.io/controller-runtime to v0.15.0 Signed-off-by: Luca Comellini <luca.com@gmail.com>	2023-05-23 17:34:28 -07:00
Luca Comellini	bf6bbb19de	Bump k8s.io dependencies Signed-off-by: Luca Comellini <luca.com@gmail.com>	2023-05-18 21:55:47 -07:00
irbekrm	5ee7b50ca8	Bumps c/r to latest commit To ensure that there is as little diff as possible with c/r 0.15 Signed-off-by: irbekrm <irbekrm@gmail.com>	2023-05-11 12:13:19 +01:00
irbekrm	97a3eb8697	Makes test framework accessible externally Signed-off-by: irbekrm <irbekrm@gmail.com>	2023-05-10 12:09:35 +01:00
irbekrm	b8029dc758	Fix trivy vulnerabilities Signed-off-by: irbekrm <irbekrm@gmail.com>	2023-05-09 09:51:09 +01:00
Tim Ramlot	2687b02e3f	update dependencies and LICENSE files Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-05-05 18:08:42 +02:00
irbekrm	7f0766e305	Update licenses Signed-off-by: irbekrm <irbekrm@gmail.com>	2023-05-05 16:32:25 +01:00
Luca Comellini	b52ed6303d	Bump sigs.k8s.io/controller-runtime Signed-off-by: Luca Comellini <luca.com@gmail.com>	2023-05-05 16:32:25 +01:00
Luca Comellini	1bfc131e6a	Bump sigs.k8s.io/controller-tools to v0.12.0 Signed-off-by: Luca Comellini <luca.com@gmail.com>	2023-05-05 16:32:25 +01:00
Luca Comellini	a57c4abb14	Bump k8s.io dependencies Signed-off-by: Luca Comellini <luca.com@gmail.com>	2023-05-05 16:32:25 +01:00
Patrick Nannt	55567bdce4	added trivy shasum Signed-off-by: Patrick Nannt <34661599+ptrc-n@users.noreply.github.com>	2023-04-27 19:42:56 +00:00
Tim Ramlot	3ed79f9129	upgrade vault Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-04-25 09:22:19 +02:00
Tim Ramlot	62310c3e06	run 'make verify-licenses' Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-04-11 21:59:19 +02:00
Luca Comellini	9219bc409b	Bump Helm to v3.11.2 Signed-off-by: Luca Comellini <luca.com@gmail.com>	2023-04-11 11:39:37 -07:00
Tim Ramlot	1d28b4f31c	Bump k8s.io dependencies Signed-off-by: Luca Comellini <luca.com@gmail.com>	2023-04-07 10:36:47 +02:00
Tim Ramlot	380359b586	run 'make update-licenses' Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-04-06 22:29:59 +02:00
Ashley Davis	6ce6ae839e	separate binaries/tests into separate modules with minimal dependencies also add gomod validation in CI, along with a cmrel version bump Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2023-04-05 10:30:39 +01:00
irbekrm	76173022ea	Removes leftover replace statement This should have been removed in [200~https://github.com/cert-manager/cert-manager/pull/4958 Signed-off-by: irbekrm <irbekrm@gmail.com>	2023-03-30 14:37:07 +01:00
Luca Comellini	0f64e055ae	Bump k8s.io dependencies Signed-off-by: Luca Comellini <luca.com@gmail.com>	2023-03-10 14:55:26 -08:00
Ashley Davis	086c36a2ec	remove tools/cobra script Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2023-03-06 14:21:31 +00:00
jetstack-bot	0fb98c3aaf	Merge pull request #5813 from SgtCoDFish/bumphelm Bump deps, go and base images	2023-02-20 17:43:22 +00:00
Ashley Davis	018e6dc83b	bump dependencies to fix CVEs Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2023-02-20 14:22:04 +00:00
Tim Ramlot	6d7b3dd216	use jetstack vcert fork to properly reset on error for TPP Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-02-15 15:01:50 +01:00
Luca Comellini	85ca8e0444	Bump dependencies Signed-off-by: Luca Comellini <luca.com@gmail.com>	2023-01-13 09:55:27 -08:00
Ashley Davis	8c4f6cda42	bump containerd to fix reported vuln note that cert-manager is not actually vulnerable to CVE-2022-23471 since the affected code is not used Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2023-01-09 18:47:38 +00:00
Luca Comellini	02297b4e56	Bump golang.org/x/crypto and golang.org/x/oauth2 Signed-off-by: Luca Comellini <luca.com@gmail.com>	2023-01-05 17:58:22 +01:00
jetstack-bot	094b4c763e	Merge pull request #5662 from lucacome/bump-controller-tools Bump sigs.k8s.io deps	2023-01-04 14:02:00 +00:00
Maël Valais	6403091073	update LICENSES (make update-licenses) Signed-off-by: Maël Valais <mael@vls.dev>	2023-01-03 11:46:33 +01:00
Luca Comellini	dbd6dc9b16	Bump sigs.k8s.io deps Signed-off-by: Luca Comellini <luca.com@gmail.com>	2022-12-21 09:47:41 -08:00
jetstack-bot	8641c4a697	Merge pull request #5641 from cert-manager/dependabot/go_modules/helm.sh/helm/v3-3.10.3 Bump helm.sh/helm/v3 from 3.10.0 to 3.10.3	2022-12-20 18:31:35 +00:00
Ashley Davis	12e0e0a9eb	bump golang.org/x/net version to fix trivy vulns Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-12-20 11:57:39 +00:00
Tim Ramlot	ff6fec9088	Bumps [helm.sh/helm/v3](https://github.com/helm/helm ) from 3.10.0 to 3.10.3. - [Release notes](https://github.com/helm/helm/releases) - [Commits](helm/helm@v3.10.0...v3.10.3) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>	2022-12-16 18:05:00 +01:00
Luca Comellini	bb252356a2	Update controller-runtime to v0.14.0 Signed-off-by: Luca Comellini <luca.com@gmail.com>	2022-12-14 21:53:42 -08:00
Luca Comellini	c99c147059	Bump k8s.io deps to v0.26.0 Signed-off-by: Luca Comellini <luca.com@gmail.com>	2022-12-14 21:53:42 -08:00
Ashley Davis	a099eb306a	bump dep versions to fix trivy-reported vulns ```text { "VulnerabilityID": "CVE-2022-41717", "PkgName": "golang.org/x/net", "InstalledVersion": "v0.0.0-20220921155015-db77216a4ee9", "FixedVersion": "0.4.0", "Layer": { "DiffID": "sha256:629212d4fb1b47585329d1c630cb91f919ddcd6168031a07121953d6c6dbd438" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-41717", "DataSource": { "ID": "go-vulndb", "Name": "The Go Vulnerability Database", "URL": "https://github.com/golang/vulndb" }, "Title": "An attacker can cause excessive memory growth in a Go server accepting ...", "Description": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", "Severity": "UNKNOWN", "References": [ "https://go.dev/cl/455635", "https://go.dev/cl/455717", "https://go.dev/issue/56350", "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", "https://pkg.go.dev/vuln/GO-2022-1144" ], "PublishedDate": "2022-12-08T20:15:00Z", "LastModifiedDate": "2022-12-08T22:30:00Z" } ``` Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-12-12 11:12:33 +00:00
Ashley Davis	b8e51bc24c	fix x/text vuln and ignore AWS vuln Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-11-07 13:32:31 +00:00
Luca Comellini	4498b7cc47	Bump Go to 1.19 Signed-off-by: Luca Comellini <luca.com@gmail.com>	2022-09-27 11:38:51 -07:00
Tim Ramlot	39fa9f51b4	upgrade dependencies Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2022-09-26 11:43:12 +02:00
Luca Comellini	97fbe24a74	Bump k8s.io dependencies Signed-off-by: Luca Comellini <luca.com@gmail.com>	2022-09-23 10:52:44 -07:00
Tim Ramlot	836793e7e3	upgrade gateway api to v0.5.0 Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2022-08-08 08:52:59 +00:00
Tim Ramlot	9897f2355c	upgrade ginkgo to v2 Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2022-08-04 10:16:29 +00:00
Ashley Davis	2636a638bf	replace go-restful version with patched version for details, see the comment on the `replace` directive see also this slack thread: https://kubernetes.slack.com/archives/CDEQJ0Q8M/p1659536441504649?thread_ts=1659532155.184479&cid=CDEQJ0Q8M Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-08-03 15:33:54 +01:00
Ashley Davis	6985cd5e5a	update containerd dependency to fix CVE CVE-2022-31030 and GHSA-5ffw-gxpp-mxpf Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-08-03 15:25:05 +01:00
Ashley Davis	01d8994f38	remove replacement for /x/net and update /x/net + /x/sys the replaced version had several CVEs as reported by Trivy: CVE-2021-44716 - golang.org/x/net: golang: net/http: limit growth of header canonicalization cache CVE-2021-31525 - golang.org/x/net: golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header CVE-2022-29526 - golang.org/x/sys: golang: syscall: faccessat checks wrong group this commit fixes those reported CVEs Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-08-03 14:44:06 +01:00
irbekrm	5903c34cda	Updates LICENSES Signed-off-by: irbekrm <irbekrm@gmail.com>	2022-07-04 09:10:10 +01:00
Luca Comellini	aaa513de00	Bump k8s.io dependencies Signed-off-by: Luca Comellini <luca.com@gmail.com>	2022-06-30 15:16:14 -07:00
Ashley Davis	a6b2955747	update LICENSES file to new format Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-06-28 09:28:00 +01:00
Alessandro Vermeulen	1da01211ee	Feature gated support for using literal subjects in `Certificate`s Signed-off-by: Alessandro Vermeulen <alessandro.vermeulen@ing.com>	2022-06-08 20:50:00 +02:00
Irbe Krumina	1d917ef311	Revert "Use Apply instead of Update to modify resources in tests" Signed-off-by: irbekrm <irbekrm@gmail.com>	2022-05-03 11:31:47 +01:00

1 2 3

111 Commits