Enable users to request x509 key usages and extended key usages when
defining a certificate or certificate signing request
fixes: #301
Signed-off-by: stuart.warren <stuart.warren@ocado.com>
* Added KeyEncoding spec value to Certificate type.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Added validation for Certificate Spec field KeyEncoding.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Added Encoding PKCS8 function for encoding private keys in generate.go.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Modified the call to the private key encoding function for each issuer in issue.go to pass in the extra KeyEncoding field.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Added case for decoding pkcs8 key.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Converting decoded PKCS8 key into crypto.Signer.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Added debugging log statements for decoding private keys.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Log messages for decoding private keys.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Added logs for decoding private keys.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Added debug logs.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Add debug logs.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Modified keys package.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Changed the key converter to the ssh package.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Testing decoding as pkcs1 key instead.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Trying to convert to crypto.Signer for PKCS8.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Converting to rsa.PrivateKey.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Changed return to type private key.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Changing parsing.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Cleaned up logs.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Removed logging info.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Removed debug logging.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Fix parse test for new pkcs8 support.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Removed extra lines.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Removed extra lines and spaces.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Removed duplicate PKCS8 functions.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Changed the KeyEncoding field from an int to a string.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Changed issue.go for issuers to pass in the certificate when encoding private key.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Corrected capitalization of Spec.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Changed the error message to use the correct variable.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Fixed selfsigned issue.go to pass in certificate object instead of the keyEncoding.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Changed error format.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Changed test to pass in certificate variable into encoding private key function.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Fixed syntax issue.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Changed parameter for encode private key function in parse_test.go.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Fixed parse test for encode private key function.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Removed invalid syntax.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Moved the if statement.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Cleaned up go-fmt errors.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Ran bazel run //hack:update-reference-docs.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Changed encode private key to take keyEncoding instead of certificate.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Removed setting keyEncoding for ca issue test.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Fixing passing in the correct type for encoding private key.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Fixing passing in the correct type for encoding private key.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Fixed parameter passed into encode private key for parse test.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Added unit test for encoding different private key types.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Removed key encoding field from existing test.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Added KeyEncoding spec value to Certificate type.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Added validation for Certificate Spec field KeyEncoding.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Added Encoding PKCS8 function for encoding private keys in generate.go.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Modified the call to the private key encoding function for each issuer in issue.go to pass in the extra KeyEncoding field.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Added case for decoding pkcs8 key.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Converting decoded PKCS8 key into crypto.Signer.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Added debugging log statements for decoding private keys.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Log messages for decoding private keys.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Added logs for decoding private keys.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Added debug logs.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Add debug logs.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Modified keys package.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Changed the key converter to the ssh package.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Testing decoding as pkcs1 key instead.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Trying to convert to crypto.Signer for PKCS8.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Converting to rsa.PrivateKey.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Changed return to type private key.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Changing parsing.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Cleaned up logs.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Removed logging info.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Removed debug logging.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Fix parse test for new pkcs8 support.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Removed extra lines.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Removed extra lines and spaces.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Removed duplicate PKCS8 functions.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Changed the KeyEncoding field from an int to a string.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Changed issue.go for issuers to pass in the certificate when encoding private key.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Corrected capitalization of Spec.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Changed the error message to use the correct variable.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Fixed selfsigned issue.go to pass in certificate object instead of the keyEncoding.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Changed error format.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Changed test to pass in certificate variable into encoding private key function.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Fixed syntax issue.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Changed parameter for encode private key function in parse_test.go.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Fixed parse test for encode private key function.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Removed invalid syntax.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Moved the if statement.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Cleaned up go-fmt errors.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Ran bazel run //hack:update-reference-docs.
Signed-off-by: Crystal Chun <crystalchun@crystals-mbp.raleigh.ibm.com>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Changed encode private key to take keyEncoding instead of certificate.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Removed setting keyEncoding for ca issue test.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Fixing passing in the correct type for encoding private key.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Fixing passing in the correct type for encoding private key.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Fixed parameter passed into encode private key for parse test.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Added unit test for encoding different private key types.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Removed key encoding field from existing test.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Removed syntax error for declaring constant.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Moving private key all to one line.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Added commas after each test case and changed the private key to a pkcs1 rsa private key.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Fixed test errors.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Added default error.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Predefined actualEncoding variable.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Undeclared actualEncoding variable.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Declared actualEncoding variable to nil.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Declared actualEncoding variable to empty key encoding type.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Fixed unit test.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Ran update go-fmt.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Added e2e test for pkcs8 certificate.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Removed unused variable.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Creating issue in pkcs8 e2e test.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Fixing no new variables on the left side of := for err variable.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* Updated docs to mention the key encoding field.
Signed-off-by: Crystal Chun <crystalchun@Crystals-MacBook-Pro.local>
* change venafi issuer to support different cert encoding
Signed-off-by: Daniel Morsing <dmo@jetstack.io>
* update crds
Signed-off-by: Daniel Morsing <dmo@jetstack.io>
Allow a user to provide an entire certificate chain to the ca issuer. Include that chain in all generated certificates
Signed-off-by: Mike Bryant <m@ocado.com>
* Configurable issuer duration and renewBefore [1/3]
This is part one of (probably) three parts manually moving the changes from commit 723015174a167d746323f506ab3575cfb243d8bd to the new master. This commit moves the basic functionality of configurable duration while skipping e2e tests and docs. It does not include new work.
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Configurable issuer duration and renewBefore [2/3]
This commit moves over most of the e2e testing updates, some things are intentionally left out as they may be obsolete
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Configurable issuer duration and renewBefore [3/3]
This commit moves the documentation changes, completely the migration of the original code to the latest master
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Rerunning all hack scripts with since the massive bazel update
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Add missing boilerplate headers
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Rerun codegen hack
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Rerunning update-docs hack
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Fix failing unit tests
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Fix build errors in e2e tests
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Rerun update-deps
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Don't recreate the CA issuer, it already exists
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Need to create new issuers for the duration and renew time tests because those fields are set in the issuer, so make sure they are named uniquely
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Add duration e2e tests for self-signed issuer
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Add duration e2e tests for vault w/ custom mount path
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Add validation to disallow acme certificates with duration and renewBefore set and update unit tests to verify
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Update docs to mention duration/renew for self-signed issuer and fix potential parsing errors with rst formatting
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Self-signed issuer was missing duration validation
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Fix a bug causing certificates with a short enough renew-before w.r.t their duration to be renewed instantly and forever
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Print the exact time until renewal
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Move duration and renwal validation to the issuer validation
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Update e2e tests to work with new validation
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Add e2e test for the self-signed issuer
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Redo cert duration and renew before to appear as part of the CSR and not the issuer
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Updating tests to match new duration/renewbefore format
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Update e2e tests to match new format
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Update docs to reflect changing the field from issuers to certificates
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Remove event firing and replace with a TODO as of discussion on PR
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Run hack scripts
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Remove the sync unit test since without events there is no way to catch the warnings that it was testing
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Use IssuerOptions RenewBeforeExpiryDuration if certificates dont set a renewBefore value for immediate renewal checks
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Delete check on certificate data length in e2e test for certificate duration as there is no reason it should be there
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Update e2e tests since certificate creation will never generate an event
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Rerunning hack scripts after big rebase
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Fix a few problems that slipped through during the rebase
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Fix an e2e error that resulted from the rebase
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Add unit test for the calculateTimeBeforeExpiry function
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Adding back in a bunch of missing error checks
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Remove unused function
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Add missing boilerplate
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Remove unused constant
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Move log constants to function body
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Rerun hack scripts
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Remove mistakenly commited file
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Remove double-import of util package
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Fix bad function call in e2e vault issuer
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Change duration and renewBefore to be pointer fields as they are optional
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Remove wrong vault issuer test that got passed the rebase somehow
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Change e2e to use pointer format
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Move e2e cert tests out of issuer test file
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Move e2e self-signed issuer test to new location
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Make sure to check for nil in GenerateTemplate
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Add more empty checks to be safe
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Rerunning hacks after rebase
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Fix bad function call in new e2e test
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Try not setting duration and renewbefore on acme e2e tests
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Zero checks should really just be replaced by nil tests, zero should be caught as any other too-small value
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Fixed a missing nil check that got away
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Change e2e duration test format to use pointer times to better simulate API calls
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Fix sync unit test to match e2e test format
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Fix vault e2e test
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
* Revert changes to Certificate sync function
Signed-off-by: James Munnelly <james@munnelly.eu>
* Remove selfsigned e2e issuer.go
Signed-off-by: James Munnelly <james@munnelly.eu>
* Don't use ACME issuer in duration example and tidy up line endings
Signed-off-by: James Munnelly <james@munnelly.eu>
* Allow renewBefore to be set on ACME certificates
Signed-off-by: James Munnelly <james@munnelly.eu>
* Update renewBefore ACME docs. Remove unused fields.
Signed-off-by: James Munnelly <james@munnelly.eu>
* Rename calculateTimeBeforeExpiry to calculateDurationUntilRenew
Signed-off-by: James Munnelly <james@munnelly.eu>
