weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
8,044 Commits 45 Branches 0 Tags 96 MiB
6916dbec34
Commit Graph

3201 Commits

Author SHA1 Message Date
Tim Ramlot
2dc22bc8e7
add extra comment 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-09-25 15:58:51 +02:00
Tim Ramlot
eac230f93e
add more test cases and fix typo 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-09-22 12:44:52 +02:00
Tim Ramlot
860df2294b
fix feedback: make hash secure 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-09-21 13:24:07 +02:00
Tim Ramlot
6006182435
add uniqueness check for names util 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-09-20 20:28:00 +02:00
Tim Ramlot
fa2d9333e3
BUGFIX: CertificateRequest short names must be unique. 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-09-20 14:51:24 +02:00
Josh Soref
05117f5f75 Add cluster-autoscaler.kubernetes.io/safe-to-evict 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2023-09-14 12:47:04 -04:00
Eng Zer Jun
c274d7e929
refactor: remove redundant nil check 
From the Go specification:

  "3. If the map is nil, the number of iterations is 0." [1]

Therefore, an additional nil check for before the loop is unnecessary.

[1]: https://go.dev/ref/spec#For_range

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
 2023-09-05 19:05:59 +08:00
jetstack-bot
798116152c
Merge pull request #6302 from inteon/update_api_comments 
Review Certificate and CertificateRequest API comments
 2023-09-01 12:38:39 +02:00
Tim Ramlot
b98043f6b8
apply review suggestions 
Co-authored-by: Maël Valais <mael@vls.dev>
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-09-01 12:20:00 +02:00
Tim Ramlot
7c2b4adee7
Rewrite comments in cert-manager API 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-09-01 12:19:35 +02:00
jetstack-bot
3216d18f84
Merge pull request #6298 from inteon/feature_gates 
Feature gates: promote StableCertificateRequestName and SecretsFilteredCaching to Beta
 2023-08-30 19:25:45 +02:00
Tim Ramlot
cf8e37291a
replace k8s.io/utils/pointer with k8s.io/utils/ptr 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-08-28 09:33:10 +02:00
Tim Ramlot
68cbbf8c42
update tests to work with StableCertificateRequestName featuregate being enabled by default 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-08-25 21:32:08 +02:00
Tim Ramlot
c70d9aba08
Rename DontAllowInsecureCSRUsageDefinition feature flag to DisallowInsecureCSRUsageDefinition and make it a Beta flag. 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-08-25 15:18:14 +02:00
jetstack-bot
9ebc08cd64
Merge pull request #5879 from maelvls/structured-logs-deprecate 
Deprecate klog flags and add a deprecation message
 2023-08-25 14:42:10 +02:00
Maël Valais
1c85525d45
klog: warn people that the flags may get removed in the future 
Signed-off-by: Maël Valais <mael@vls.dev>
 2023-08-25 08:54:54 +02:00
Tim Ramlot
6a159bb2d7
fix changed slices.SortFunc signature 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-08-24 19:54:30 +02:00
Tim Ramlot
3fc1f8a580
upgrade all dependencies 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-08-24 19:54:25 +02:00
jetstack-bot
ba73f80b14
Merge pull request #6289 from inteon/acme_webhook_openapi 
Add openapi definitions to acme API server
 2023-08-24 16:49:48 +02:00
jetstack-bot
cce304b9d6
Merge pull request #6293 from SgtCoDFish/ipv6compare 
Fix invalid handling of ip addresses in comparisons
 2023-08-24 16:36:48 +02:00
Ashley Davis
bbbc758ccd
fix invalid handling of ip addresses in comparisons 
Signed-off-by: Ashley Davis <ashley.davis@venafi.com>
 2023-08-24 15:21:42 +01:00
jetstack-bot
8d9052f3a9
Merge pull request #6291 from inteon/remove_maxpathlen 
Remove MaxPathLen CSR blob validation logic
 2023-08-24 15:11:17 +02:00
Tim Ramlot
66b1c6e19b
only set logging settings once 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-08-23 14:28:40 +02:00
Tim Ramlot
1858ccf369
remove MaxPathLen CSR blob validation logic 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-08-23 14:24:36 +02:00
Tim Ramlot
9d2d1cd6ef
add openapi definitions to acme API server 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-08-23 14:12:51 +02:00
jetstack-bot
15b2643abf
Merge pull request #6253 from fayvori/master 
Fix messageAppRoleAuthKeyRequired error message
 2023-08-17 19:01:31 +02:00
Tim Ramlot
80a3923fd2
use logsapi.LoggingConfiguration instead of logs.Options 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-08-17 12:51:19 +02:00
Tim Ramlot
31b5ed6620
Make webhook Logging options configurable using configfile. 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-08-17 12:00:50 +02:00
Tim Ramlot
e8b5b2e354
Fix bug in ControllerConfiguration's defaulting of logging config, where config would not be correctly defaulted in case a partial logging configuration is provided. 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-08-17 11:19:16 +02:00
jetstack-bot
061c1337e6
Merge pull request #6275 from inteon/use_int32_instead_of_int 
WebhookConfiguration: change the types of ports from *int to *int32
 2023-08-16 12:18:05 +02:00
Tim Ramlot
db1fcdabb1
add comment explaining port 0 behavior 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-08-16 11:08:36 +02:00
Tim Ramlot
b19d11d267
change the types of ports in the WebhookConfiguration: 
internal: *int -> int32
public: *int -> *int32

Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-08-15 20:53:58 +02:00
Ashley Davis
87102cf47e
add tests for ipv6 in ingress-shim 
Signed-off-by: Ashley Davis <ashley.davis@venafi.com>
 2023-08-15 10:52:57 +01:00
jetstack-bot
9462d8ae9d
Merge pull request #6267 from zhangzhiqiangcs/distinguish-dns-names-ip-address 
distinguish dns names and ip address
 2023-08-15 11:00:03 +02:00
zhangzhiqiang02
a518056e0b
distinguish dns names and ip address 
Signed-off-by: zhangzhiqiang02 <zhangzhiqiang02@megvii.com>
 2023-08-15 09:56:36 +08:00
guiyong.ou
ad27e88a4b fix small possible 
Signed-off-by: guiyong.ou <guiyong.ou@daocloud.io>
 2023-08-14 19:51:52 +08:00
guiyong.ou
3d76c20f51 cleanup: some redundant code clean up 
Signed-off-by: guiyong.ou <guiyong.ou@daocloud.io>
 2023-08-14 17:36:25 +08:00
jetstack-bot
9d618a17fb
Merge pull request #6242 from inteon/restructure_controller_configfile 
Restructure the controller configfile
 2023-08-10 15:37:09 +02:00
Tim Ramlot
f50167ce31
restructure the controller configfile 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-08-10 11:30:33 +02:00
Ignat Belousov
17c34eaafa
Returned time to each function 
Signed-off-by: Ignat Belousov <ignat.belousov2000@yahoo.com>
 2023-08-10 10:05:37 +02:00
Ignat Belousov
88f1500843
Fix messageAppRoleAuthKeyRequired error message 
Signed-off-by: Ignat Belousov <ignatbelousov@Ignats-MacBook-Pro.local>
 2023-08-10 10:05:37 +02:00
Ashley Davis
a53bec25e7
Update nameserver lookup test to use upstream targets 
In the long term I don't think this test should be run as a unit test
because it can randomly break due to changes in DNS config we don't
control, which is a pretty poor user experience for someone trying to
change unrelated code.

If we're going to run this kind of check, we should probably run it as a
periodic rather than a presubmit, perhaps with the test being run on
presubmit when the DNS util code is changed.

But that's all more work than I can really do now. Instead, I'll copy
what the upstream go-lego is doing, which should unblock us for now:

07c4daeff3/challenge/dns01/nameserver_test.go

Signed-off-by: Ashley Davis <ashley.davis@venafi.com>
 2023-08-09 09:27:30 +01:00
Tim Ramlot
ae287461d0
prepare cmctl improvements 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-08-01 10:32:35 +02:00
Cody W. Eilar
282a6d58a9 Preserve internal types 
- Needed to add custom conversion functions to handle conversions from
  public facing types to internal ones.

Signed-off-by: Cody W. Eilar <ecody@vmware.com>
 2023-07-27 16:44:38 -07:00
Cody W. Eilar
6212b63e51 Address the non-optional values in internal config 
- This  commit changes the internal config to have fewer number of
  optional parameters.  It changes the types to match the ones that are
  already present in https://github.com/kubernetes/apimachinery/blob/master/pkg/apis/meta/v1/conversion.go
  so that custom converters do not have to be written for types "int"
  and "float32".

Signed-off-by: Cody W. Eilar <ecody@vmware.com>
 2023-07-27 16:44:38 -07:00
Cody W. Eilar
1243fe285b Add to ability to start controller with config file 
Signed-off-by: Cody W. Eilar <ecody@vmware.com>
 2023-07-27 16:44:38 -07:00
jetstack-bot
9de9809ac5
Merge pull request #6108 from inteon/ctl_logging 
Use logging library with json support in cmctl (part 1)
 2023-07-27 17:54:51 +02:00
jetstack-bot
0b9366c0fb
Merge pull request #6232 from inteon/fix_log_reassignment 
[BUGFIX] Incorrect re-assignment of cross-invocation variable
 2023-07-26 13:35:07 +02:00
Ashley Davis
7e1ce241ac
use supplied context where possible 
this was discovered as part of the investigation into #6104

Signed-off-by: Ashley Davis <ashley.davis@venafi.com>
 2023-07-26 11:06:31 +01:00
Tim Ramlot
c7d0e0a13e
instead of creating a new local log variable, we were updating the cross-invocation log variable and were adding more Values to the log variable, causing high memory usage and incorrect log messages 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-07-25 20:31:47 +02:00