cert-manager

Author	SHA1	Message	Date
Corey McGalliard	7e6e0940a2	updating to match feedback and adjust the RunAsNonRoot options for http01 solver to be more descriptive Signed-off-by: Corey McGalliard <cmcgalliard@redventures.com>	2022-11-16 11:20:36 -05:00
irbekrm	584147df37	Document that pod template spec should be used instead of flags For configuring ACME HTTP-01 solver pod Signed-off-by: irbekrm <irbekrm@gmail.com>	2022-08-09 15:26:10 +01:00
Ashley Davis	fb231ab641	Remove bazel 🎉 This removes all .bazel and .bzl files, and a bunch of scripts relating to bazel, now that it's been entirely replaced. There are still a few places where traces could be removed, but this removes the brunt of the bazel stuff that remains. Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-07-26 11:38:50 +01:00
irbekrm	75b205021d	Corrects the --dns01-check-retry-period flag description Signed-off-by: irbekrm <irbekrm@gmail.com>	2022-06-09 12:09:39 +01:00
Jake Sanders	f225637e20	Relax the validation on the default Issuer Kind for certificate-shim Signed-off-by: Jake Sanders <i@am.so-aweso.me>	2022-02-08 13:50:13 +00:00
Ashley Davis	3a055cc2f5	rename all uses of github.com/jetstack/cert-manager This was done by running the following command twice: ```bash grep -Ri "github.com/jetstack/cert-manager" . \| \ cut -d":" -f1 \| \ sort \| \ uniq \| \ xargs sed -i "s/github.com\/jetstack\/cert-manager/github.com\/cert-manager\/cert-manager/" ``` Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-02-02 09:08:31 +00:00
jetstack-bot	fa321b6a4b	Merge pull request #4287 from linka-cloud/acme-http-challenge-cutomer-dns Acme http challenge custom dns	2022-01-11 11:24:03 +00:00
James Munnelly	9c04a04c7c	Move feature package into internal/controller Signed-off-by: James Munnelly <jmunnelly@apple.com>	2022-01-07 12:17:36 +00:00
Adphi	3375fa0609	http01: add custom nameservers support (#4286 ) Signed-off-by: Adphi <philippe.adrien.nousse@gmail.com>	2022-01-06 21:02:46 +01:00
jetstack-bot	f61d534975	Merge pull request #4550 from irbekrm/pprof Pprof	2021-10-26 11:20:40 +01:00
irbekrm	7b6eeff457	Profiler address for controller can now be configured Ensures that pprof is configured for controller in the same way as for cainjector Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-10-26 12:20:42 +03:00
irbekrm	4d4a383cb7	Removes deprecated dns01-self-check-nameservers flag Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-10-25 08:43:08 +03:00
Johan Fleury	ef32714434	Make leader election defaults consistent Signed-off-by: Johan Fleury <jfleury@arcaik.net>	2021-08-13 12:14:40 -04:00
Jake Sanders	36aa9e2501	The gateway-api support is now gated behind --feature-gate=ExperimentalGatewayAPISupport=true Signed-off-by: Jake Sanders <i@am.so-aweso.me>	2021-08-05 14:37:54 +01:00
irbekrm	2ddf6fe637	Allows for annotations passed from CSR to Order to be filtered Using the value from copied-annotation-prefixes flag, where by default kubectl, fluxcd, argocd annotations are excluded Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-07-27 10:55:09 +01:00
Irbe Krumina	3834a8fc0a	Code review feedback Co-authored-by: Josh Van Leeuwen <joshua.vanleeuwen@jetstack.io> Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-07-26 20:00:37 +01:00
irbekrm	ddf7e130b7	Allow users to specify which annotations should be copied from Certificate to CertificateRequest Default to all being copied except for kubectl, fluxcd, argocd annotations Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-07-26 20:00:10 +01:00
joshvanl	b041a8fb3d	Wires up ACME CSR controller Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-07-23 16:00:09 +01:00
joshvanl	65cec6c212	Wires up Venafi CertificateSigningRequest controller Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-07-19 15:50:23 +01:00
Maël Valais	30f9c123d3	gateway-shim: add the gateway-shim controller Note that the gateway-shim is only half the work for supporting the Gateway API in cert-manager. The other half is the HTTP01 solver support, which is still worked on. The Gateway API in cert-manager is releases as an experimental feature and needs to be enabled manually with the following flag: --controllers=*,gateway-shim All the annotations supported by ingress-shim are also supported by gateway-shim, with some exceptions: "acme.cert-manager.io/http01-ingress-class" This annotation is not supported on the Gateway resource. Although the Gateway resource also has a "gatewayClass" field, we will need to add another field instead of "ingress-class" to avoid confusion with the ingress-shim. "acme.cert-manager.io/http01-edit-in-place" This annotation is not supported because it is specific to some ingress controllers like ingress-gce. "kubernetes.io/tls-acme" This annotation is not supported because it is a behavior inherited from kube-lego and we chose not to keep this behavior with the Gateway API. Unlike the ingress-shim, you can reuse the same Secret name in multiple TLS configurations on the same Gateway resource. The ingress-shim now shows the exact location of the duplicate secretName when the user gives the same secretName in two separate TLS blocks. Signed-off-by: Maël Valais <mael@vls.dev> Co-authored-by: Jake Sanders <i@am.so-aweso.me>	2021-07-15 20:34:55 +02:00
joshvanl	d9be35c299	Wires up Vault CSR controller Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-06-29 09:11:43 +01:00
joshvanl	72800ae0f2	Wires up the SelfSigned CertificateSigningRequest controller Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-06-14 10:19:28 +01:00
joshvanl	9e1b0342d0	Updates with review comments Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-05-27 18:48:50 +01:00
joshvanl	60d5974115	Moves CertificateSigningRequest controller to feature gate flag Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-05-27 12:00:56 +01:00
joshvanl	62dee4783e	Adds CertificateSigningRequest CA Issuer controller as optional controller Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-05-27 00:32:24 +01:00
joshvanl	8f5b03427c	Fix options_test.go boilerplate header Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-03-26 11:28:01 +00:00
joshvanl	6ef840972c	Change controller options to return a set of enabled controllers, and log enabled controllers on start Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-03-26 11:28:01 +00:00
joshvanl	5c3e02d7a5	Changes the controllers flag to allow disabling controllers. This is the same behaviour as kube-controller-manager Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-03-26 11:28:01 +00:00
joshvanl	0382c9d8b2	Adds a cert-manager-controller flag to disable controllers, for example, the certificaterequests-approver Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-03-26 11:28:01 +00:00
jetstack-bot	a8c75fab1a	Merge pull request #3773 from JoshVanL/certificate-revision-history-limit Certificate revision history limit	2021-03-26 11:13:58 +00:00
joshvanl	6957bc31df	Adds the CertificateRequest approver controller to cert-manager-controller Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-03-17 13:10:39 +00:00
joshvanl	c4b918c0aa	Adds RevisionManager controller to default enabled controller Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-03-15 14:54:35 +00:00
irbekrm	b852e97ffb	Removes the deprecated renew-before-expiry flag Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-02-21 10:22:25 +00:00
jetstack-bot	cdc53b65cb	Merge pull request #3500 from meyskens/update-copy Update copyright to cert-manager project	2020-12-15 10:12:31 +00:00
Maartje Eyskens	ab0cd57dc5	Use The cert-manager Authors. Signed-off-by: Maartje Eyskens <maartje@eyskens.me>	2020-12-11 19:04:13 +01:00
jetstack-bot	2c521609de	Merge pull request #3477 from tharun208/feat/profiling Added profiling for controller	2020-12-11 14:11:10 +00:00
Maartje Eyskens	1788a9d758	Update copyright to cert-manager project Signed-off-by: Maartje Eyskens <maartje@eyskens.me>	2020-12-08 19:04:49 +01:00
Tharun	b67da63a4e	Added profiling for controller Signed-off-by: Tharun <rajendrantharun@live.com>	2020-11-22 12:15:52 +05:30
Richard Wall	cc1412b252	Deprecate the --renew-before-expiry-duration flag Signed-off-by: Richard Wall <richard.wall@jetstack.io>	2020-11-19 12:44:18 +00:00
Maartje Eyskens	560eac4b06	Update cmd/controller/app/options/options.go Signed-off-by: Maartje Eyskens <maartje@eyskens.me> Co-authored-by: Richard Wall <wallrj@users.noreply.github.com>	2020-10-16 16:43:13 +02:00
Maartje Eyskens	232f21db26	Validate API values not being 0 + following k8s naming + defaults Signed-off-by: Maartje Eyskens <maartje@eyskens.me>	2020-10-16 13:08:26 +02:00
Maartje Eyskens	7c87e93950	update burst description Signed-off-by: Maartje Eyskens <maartje@eyskens.me>	2020-10-14 17:49:19 +02:00
Maartje Eyskens	ebadd4cd28	Fix defaults, description and add validation Signed-off-by: Maartje Eyskens <maartje@eyskens.me>	2020-10-14 17:46:09 +02:00
Maartje Eyskens	5dfb4d409b	Make Kubernetes API QPS throtteling configurable Signed-off-by: Maartje Eyskens <maartje@eyskens.me>	2020-10-14 17:16:44 +02:00
Matthias Frey	2f2253afaf	make propagation check period configurable Signed-off-by: Matthias Frey <freym@users.noreply.github.com>	2020-09-24 11:28:49 +02:00
Richard Wall	81eb53f597	./hack/update-all.sh Signed-off-by: Richard Wall <richard.wall@jetstack.io>	2020-08-20 14:28:06 +01:00
Richard Wall	a70298180a	Run a script to update v1alpha2 usage to v1 Script is available at https://github.com/jetstack/cert-manager/pull/3201 Signed-off-by: Richard Wall <richard.wall@jetstack.io>	2020-08-20 14:26:51 +01:00
James Munnelly	9e2d6a514b	Move expcertificates into certificates package Signed-off-by: James Munnelly <james@munnelly.eu>	2020-07-01 12:16:25 +01:00
James Munnelly	2280480c02	Remove old certificates controller Signed-off-by: James Munnelly <james@munnelly.eu>	2020-07-01 11:46:13 +01:00
JoshVanL	e465329b80	Revert vault free port and expose listener port from metrics server Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>	2020-05-26 23:01:55 +01:00

1 2 3

110 Commits