cert-manager

Author	SHA1	Message	Date
Max Ehrlich	5eaf89ba4a	Simplify getting the ca cert bytes from the ca chain Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-15 17:41:17 -04:00
Max Ehrlich	f81f499d3d	Rerun gofmt Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-15 17:18:40 -04:00
Max Ehrlich	06fb0cefc7	Manually generate pem from cachain field since the vault api does not expose it Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-15 17:06:41 -04:00
Max Ehrlich	d63fbbab49	Fix go-fmt Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-13 18:54:30 -04:00
Max Ehrlich	48653e07f9	Return CA for vault certs, this uses the issuing_ca field from the vault api response, see (https://www.vaultproject.io/api/secret/pki/index.html#sign-certificate ) for details Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-13 18:47:44 -04:00
Max Ehrlich	25e86d5588	For now, the vault issuer will also not store it's CA certificate Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-13 17:07:15 -04:00
Max Ehrlich	ab450c7463	Set the CA field if a non-nil ca cert is passed Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-13 17:07:15 -04:00
Max Ehrlich	213d5ec6b5	Self-signed issuers return a copy of the same certificate that was issued as the CA Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-13 17:07:14 -04:00
Max Ehrlich	511650ca82	ACME issuers currently will not support getting the CA certificate Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-13 17:07:14 -04:00
Max Ehrlich	58efbc068c	Update CA issuer to return the CA cert pem Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-13 17:07:14 -04:00
Max Ehrlich	280382e6ce	Issue and renew should now return the bytes of the CA certificate that was used to issue the certs. This should be set to nil if not applicable Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-13 17:07:14 -04:00
Max Ehrlich	41c7def791	Helper function to get PEM encoded bytes of x509 certs Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-13 17:07:14 -04:00
Max Ehrlich	e347572541	Change key name constant to better match its function Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-13 17:07:14 -04:00
Max Ehrlich	2524335f3a	Set the "ca.crt" field for certificates issued with isCA so that nginx can properly identify them for client authentication Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-13 17:07:13 -04:00
James Munnelly	48ecee9cfb	run //hack:update-gofmt Signed-off-by: James Munnelly <james@munnelly.eu>	2018-09-13 11:25:04 +01:00
James Munnelly	b1f145625e	Set up Bazel workspace with git status and pass ldflags Signed-off-by: James Munnelly <james@munnelly.eu>	2018-09-13 11:24:52 +01:00
James Munnelly	c4e11e110f	run //hack:update-codegen Signed-off-by: James Munnelly <james@munnelly.eu>	2018-09-13 11:24:52 +01:00
James Munnelly	db65d6a170	run //hack:update-bazel Signed-off-by: James Munnelly <james@munnelly.eu>	2018-09-13 11:24:48 +01:00
jetstack-bot	140f9e7a4c	Merge pull request #891 from munnerz/metaauth-validation Relax resource validation for CloudDNS service account credentials	2018-09-12 09:34:48 +01:00
jetstack-bot	feb589feb5	Merge pull request #661 from splashx/master [ACME] Add RFC2136 DNS Provider (2nd attempt)	2018-09-12 09:11:48 +01:00
James Munnelly	01ab38e5ff	Relax resource validation for CloudDNS service account credentials Signed-off-by: James Munnelly <james@munnelly.eu>	2018-09-12 08:44:06 +01:00
Evan Anderson	265c9610ff	Add an error check for AzureDNS failure to create a solver. Add documentation comments for public methods (caught by 'go lint'). Signed-off-by: Evan Anderson <evan.k.anderson@gmail.com>	2018-09-11 01:20:44 -07:00
splashx	3761c6c3a4	fix panic, wrong logic Signed-off-by: splashx <splash@gmail.com>	2018-09-10 21:40:40 +02:00
splashx	51a8a57221	add tests for nameserver, tsigsecret and tsigname Signed-off-by: splashx <splash@gmail.com>	2018-09-10 20:03:32 +02:00
jetstack-bot	8d6701de0b	Merge pull request #838 from Queuecumber/ca-org-days Set Organization in Certificates	2018-09-10 17:56:17 +01:00
Max Ehrlich	10526f404a	Validate that vault certificates do not set the organization field Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-10 10:33:53 -04:00
jetstack-bot	d55cd7ffe5	Merge pull request #664 from kiwigrid/enable-clouddns-meta-auth enable clouddns meta auth	2018-09-10 13:49:17 +01:00
James Munnelly	ac08365928	Fix up test failure Signed-off-by: James Munnelly <james@munnelly.eu>	2018-09-10 13:25:33 +01:00
James Munnelly	8c5c402d1e	Fix up bug preventing saBytes being used. Add comments. Signed-off-by: James Munnelly <james@munnelly.eu>	2018-09-10 13:21:51 +01:00
Max Ehrlich	fc8167581f	Update tests to support multiple orgs Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-08 16:21:13 -04:00
Max Ehrlich	6a9f1d2348	Update code to allow setting multiple organizations Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-08 16:21:13 -04:00
Max Ehrlich	a3f5f7b7e9	Add test for successful cert with organization set Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-08 16:21:13 -04:00
Max Ehrlich	54b567e734	Add test case that should fail acme validation Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-08 16:21:13 -04:00
Max Ehrlich	340d2725e7	Generate certificates with the new organization field Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-08 16:21:12 -04:00
Max Ehrlich	b3e9e33e9d	Validation for acme issuers Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-08 16:21:12 -04:00
Max Ehrlich	986a7af74f	Add the organization field to the certificate spec Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-08 16:21:12 -04:00
James Munnelly	9d3ea5649a	Fix acme.privateKeySecretRef validation message Signed-off-by: James Munnelly <james@munnelly.eu>	2018-09-08 18:17:11 +01:00
James Munnelly	a48b60581b	Run gofmt with go 1.11 Signed-off-by: James Munnelly <james@munnelly.eu>	2018-09-08 03:19:00 +01:00
splashx	41111f7879	patch with rfc2136 Signed-off-by: splashx <splash@gmail.com>	2018-09-07 00:56:00 +02:00
jetstack-bot	834fda15a1	Merge pull request #478 from munnerz/webhooks Add validating webhook and webhook tls autoconfiguration	2018-09-05 13:00:50 +01:00
JuanJo Ciarlante	1266f4116b	minor cleanups Signed-off-by: JuanJo Ciarlante <juanjosec@gmail.com>	2018-08-28 22:23:57 -03:00
JuanJo Ciarlante	225a37ce7c	augment acmedns unit testing Signed-off-by: JuanJo Ciarlante <juanjosec@gmail.com>	2018-08-28 22:20:31 -03:00
JuanJo Ciarlante	ef2924c26a	[jjo] fix panic from acmedns.go constructor failure Signed-off-by: JuanJo Ciarlante <juanjosec@gmail.com>	2018-08-27 19:36:13 -03:00
rico.pahlisch	3b270623fd	enable clouddns meta auth Signed-off-by: Rico Pahlisch <rico.pahlisch@kiwigrid.com>	2018-08-27 09:13:05 +02:00
Frank Hamand	8b28b5adce	Fix cloudflare provider failing on cleanup if no record is found It's possible for cert-manager to get in a bad state where it thinks there's something to cleanup, but repeatedly fails to clean it up. Not finding the record should not be an error when we're trying to delete the record anyway. Signed-off-by: Frank Hamand <frankhamand@gmail.com>	2018-08-21 09:59:37 +01:00
James Munnelly	91bec0909c	Add validation webhook Signed-off-by: James Munnelly <james.munnelly@jetstack.io>	2018-08-20 12:34:05 +01:00
jetstack-bot	972f86704d	Merge pull request #787 from Queuecumber/master Add ACME-DNS as a DNS-01 Provider	2018-08-17 13:33:57 +01:00
Max Ehrlich	65e6a65143	Update the test to support nameservers Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-08-14 14:57:21 -04:00
Max Ehrlich	96a037fc23	Fix go fmt failing Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-08-14 14:48:51 -04:00
jetstack-bot	dba15aabe6	Merge pull request #658 from munnerz/is-ca Add 'isCA' field to Certificate spec	2018-08-14 12:35:53 +01:00

1 2 3 4 5 ...

519 Commits