Commit Graph

1357 Commits

Author SHA1 Message Date
James Munnelly
641fe0da7c Switch to using upstream golang.org/x/crypto
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-12-03 16:49:31 +00:00
jetstack-bot
1581bf2796 Merge pull request #2400 from JoshVanL/secret-annotation-fallback
Allow secrets with legacy annotations for issuer name and kind to match
2019-11-27 15:39:22 +00:00
JoshVanL
232b1133fd Adds more tests for deprecated secret annotations and update secret
annotations if deprecated ones exist

Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
2019-11-27 15:12:25 +00:00
jetstack-bot
df265ddbfd Merge pull request #2170 from matevzmihalic/cloudflare-apitoken
Add API token authentication option to Cloudflare issuer
2019-11-27 13:22:21 +00:00
James Munnelly
bb117875d3 Validate that both APIKey and APIToken are not both specified
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-11-27 12:54:17 +00:00
JoshVanL
0d9d0eeb22 Allow secrets with legacy annotations for issuer name and kind to match
existing certificates

Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
2019-11-26 12:13:58 +00:00
jetstack-bot
5ec141c107 Merge pull request #2382 from JoshVanL/cr-controller-issuer-ready
Check for Issuer readiness in CR controllers
2019-11-26 09:40:30 +00:00
JoshVanL
de7aaa84d3 Update CertificateRequest controller unit tests
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
2019-11-19 22:09:01 +00:00
JoshVanL
3bcc038c09 Check for Issuer readiness in CR controllers
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
2019-11-19 20:31:44 +00:00
Matevz Mihalic
0abf945945 Remove ambient credentials
Signed-off-by: Matevz Mihalic <matevz.mihalic@gmail.com>
2019-11-18 17:51:50 +01:00
Matevz Mihalic
b5972a379f Add API token auth option to Cloudflare issuer
Signed-off-by: Matevz Mihalic <matevz.mihalic@gmail.com>
2019-11-18 17:51:43 +01:00
James Munnelly
4353ef142f Fix up whitespace around doc.go in apis package
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-11-15 14:43:07 +00:00
jetstack-bot
cb4dbe0d94 Merge pull request #2372 from munnerz/add-gencrd-force-meta
Add '// +gencrdrefdocs:force' to meta/v1 package
2019-11-15 14:18:15 +00:00
James Munnelly
039acd1f09 Add '// +gencrdrefdocs:force' to meta/v1 package
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-11-15 13:50:36 +00:00
James Munnelly
1527c06e0f Remove reference to metav1.ObjectMeta
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-11-15 12:26:11 +00:00
James Munnelly
c45aa852d0 Run fuzz tests for API schema generation
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-11-15 12:26:11 +00:00
jetstack-bot
1556add6eb Merge pull request #2290 from munnerz/kube-1162
Bump Kubernetes dependencies to 1.16.3
2019-11-15 12:22:24 +00:00
James Munnelly
e8fbd37634 Mark 'csr' field as required in CertificateRequest
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-11-15 01:01:43 +00:00
James Munnelly
fdce8c6406 Fix Sync() method to allow time for testing informers to sync
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-11-14 19:43:02 +00:00
JoshVanL
1c5a5caaf8 Adds all key usage possible values to key usage comment
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
2019-11-14 13:51:28 +00:00
jetstack-bot
1793e7b573 Merge pull request #2236 from munnerz/covered-images
Add Bazel image targets with coverage enabled
2019-11-14 10:54:09 +00:00
JoshVanL
d6248d20bd Make vault issuer to point to resource namespace over certificaterequest
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
2019-11-13 11:02:43 +00:00
jetstack-bot
1bfec37482 Merge pull request #2349 from JoshVanL/2205-kubernetes-auth-path
Changes the vault issuer Kubernetes auth path to require the full *mount* path
2019-11-13 09:58:26 +00:00
JoshVanL
0e739bdde9 Mount path now hard codes /login endpoint in code
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
2019-11-12 18:37:54 +00:00
jetstack-bot
0aba30b251 Merge pull request #2351 from JoshVanL/catalina
Catalina
2019-11-11 17:23:41 +00:00
jetstack-bot
f83dc13a39 Merge pull request #2326 from JoshVanL/cli-output-issuer
Increases issuer CLI output
2019-11-11 13:52:40 +00:00
JoshVanL
d38abbe23a Update csr_test.go to include server auth key usage
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
2019-11-11 13:19:25 +00:00
James Munnelly
c6a6f6caf0 Set serverAuth EKU by default for better Mac OS Catalina compatibility
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-11-11 13:03:35 +00:00
JoshVanL
7ec3103eb4 Changes the vault issuer Kubernetes auth path to require the full path
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
2019-11-11 12:49:02 +00:00
JoshVanL
06ce5061ba Set printer columns by changing crds in deploy
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
2019-11-11 12:25:37 +00:00
jetstack-bot
f46029b999 Merge pull request #2324 from CoaxVex/master
Correct order api group owner reference when creating challenges
2019-11-07 17:39:34 +00:00
jetstack-bot
57e045fd96 Merge pull request #2316 from JoshVanL/2312-check-all-vault-secrets
Ensure we check all the secrets that vault cluster issuers may be
2019-11-07 17:39:25 +00:00
jetstack-bot
d3254e3843 Merge pull request #2260 from JoshVanL/2247-cert-key-usages
Ensure key usages are set on CertificateRequests created by the Certificate controller
2019-11-07 17:14:34 +00:00
JoshVanL
57dad45441 Adds more informative output of kubectl get on [cluster]issuers
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
2019-11-05 18:26:48 +00:00
Harold Drost
62c4e0b6eb serviceAccountSecretRef is not always required
The cert-manager code will use what is called ambient permissions.
This worked for us until we moved from v0.8 to v0.11 though I've found
the issue present in v10 also.

Signed-off-by: Harold Drost <baelish@bluecell.net>
2019-11-05 15:57:58 +00:00
Nils Cant
765a0cb21d Correct order api group owner reference when creating challenges
Signed-off-by: Nils Cant <nils.cant@vargen.io>
2019-11-05 15:22:32 +01:00
JoshVanL
192566d789 Adds conversion for key usage int to string
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
2019-11-05 14:22:25 +00:00
JoshVanL
a03560b93a Updates tests to ensure that key usages are correctly checked
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
2019-11-05 14:22:25 +00:00
JoshVanL
bca6ebc520 Ensure key usages are set on CertificateRequests created by the
Certificate controller

Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
2019-11-05 14:22:25 +00:00
jetstack-bot
6bf7c0f079 Merge pull request #2261 from munnerz/authz-error-reason
Surface ACME Challenge failure reason on Challenge resource if available
2019-11-03 17:23:05 +00:00
JoshVanL
3406f5a465 Ensure we check all the secrets that vault cluster issuers may be
watching

Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
2019-11-01 16:02:57 +00:00
James Munnelly
00ad3446ef Surface ACME Challenge failure reason on Challenge resource if available
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-10-29 09:22:08 +00:00
James Munnelly
62c61ca59b Add extra comments to the webhook's server.go
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-10-24 19:41:55 +01:00
James Munnelly
b4df41dd1d Copy UID from admission request to response struct
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-10-24 19:41:55 +01:00
James Munnelly
dbd92f88ef Add conversion webhook handler
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-10-24 19:41:55 +01:00
James Munnelly
0209686ed7 Add v2 version to testgroup API
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-10-24 19:41:55 +01:00
James Munnelly
ec8d6e12e4 Add validation to ensure Order & Challenge fields are immutable
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-10-17 16:54:15 +01:00
James Munnelly
c5ee500a2e Add unit tests for validation webhook handler
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-10-17 16:54:15 +01:00
James Munnelly
ed284084b3 Refactor validation handler to support updates
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-10-17 13:27:08 +01:00
James Munnelly
ca9e8f33b2 Clean up webhook handler interface
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-10-17 12:56:13 +01:00