cert-manager

Author	SHA1	Message	Date
Anders Petersson	6d5b199d74	Fixed a typo in error msg.	2018-05-27 19:52:05 +02:00
Krzysztof Nazarewski	dfe0a5ebd4	typo fix	2018-05-10 12:49:48 +02:00
jetstack-bot	0bb19e9453	Merge pull request #546 from munnerz/cloudflare-idempotent Update Cloudflare provider to be idempotent when calling Present	2018-05-09 16:18:19 +01:00
James Munnelly	707a113870	Update Cloudflare provider to be idempotent when calling Present	2018-05-09 14:45:11 +01:00
jetstack-bot	8d1cad422e	Merge pull request #545 from munnerz/acme-v01-warning Set Issuer ready condition to false if ACMEv1 endpoints are used	2018-05-09 14:40:19 +01:00
James Munnelly	3fc74f7f86	Set Issuer ready condition to false if ACMEv1 endpoints are used	2018-05-09 14:17:20 +01:00
jetstack-bot	f78feb6e68	Merge pull request #530 from vdesjardins/fix-vault-approle rename fields in Vault appRole credentials	2018-05-09 14:15:19 +01:00
James Munnelly	a597c02701	Fix panic in shouldAttemptValidation	2018-05-09 12:11:41 +01:00
Vincent Desjardins	b256e02a98	rename fields in Vault appRole credentials	2018-05-03 03:30:43 +00:00
Vincent Desjardins	b35343786e	Vault issuer support vault remove duration	2018-05-02 00:45:55 +00:00
James Munnelly	e2a2e32e28	Fix ingress-shim tests	2018-04-26 12:44:41 +01:00
James Munnelly	fdb8f2bf40	Link ingress-shim into main controller binary	2018-04-26 12:44:40 +01:00
James Munnelly	944ed571fc	Ensure challenge list gets updated after attempting authzs	2018-04-25 19:02:15 +01:00
James Munnelly	50a4bcfde2	Perform full validation flow for each challenge before checking next one	2018-04-25 19:02:15 +01:00
James Munnelly	d573e30878	Only perform one validation per identifier for a single order at a time	2018-04-25 19:02:15 +01:00
James Munnelly	4be42080eb	Add ACMESolverConfigurationForAuthorization test	2018-04-25 18:17:01 +01:00
James Munnelly	c6e6b39fd2	Require asterisk denoted wildcard in acme solver config for wildcard certs	2018-04-25 17:34:21 +01:00
Tim	54067d5446	Add Key Encipherment bit to Key Usage extension Google Chrome rejects the certificate for SSL connections if the Key Usage extension does not include the keyEncipherment purpose.	2018-04-17 16:25:10 -07:00
James Munnelly	5679f6257f	Fix up self check failure error message	2018-04-12 19:31:29 +01:00
James Munnelly	611f1f3e0d	Absorb HTTP client errors in acme http self check	2018-04-12 19:00:24 +01:00
James Munnelly	acd927dd41	Use rate limiter when queueing (Cluster)Issuers	2018-04-12 16:51:02 +01:00
James Munnelly	0a960d46b2	Fix bug in issue method preventing cert issuance	2018-04-12 16:50:03 +01:00
James Munnelly	1975c524b9	Call AddRateLimited in QueuingEventHandler	2018-04-12 15:23:27 +01:00
James Munnelly	70dde521a1	Set status conditions on validation success. Call WaitOrder instead of GetOrder in issue.	2018-04-11 23:30:54 +01:00
James Munnelly	336d01ac4a	Update dns util tests	2018-04-11 19:39:36 +01:00
James Munnelly	ef51483cbc	Merge pull request #5 from redbaron/acmev2-upstream Fixes for ACME client http transport	2018-04-11 14:30:28 +01:00
James Munnelly	4a79203633	Run gofmt	2018-04-11 13:22:10 +01:00
James Munnelly	967499331e	Merge pull request #6 from redbaron/errors-format-fix Fix error formatting	2018-04-11 13:18:45 +01:00
Maxim Ivanov	c44a7552ea	Check challenge before presenting it With async challenge Check, it is often happens, that solver.Check() fails on first run after solver.Present() Cert-manager then tries again, but starts with solver.Present(), which not being idempotent right now fails on certain DNS providers. This change swaps order of solver.Check() and solver.Present(). Check is not returning error if propagation not happened, it then allows Present() to run. In the current form, Present() will be spamming with errors, but this doesn't stop Check from happening on every attempt, so eventually Challenge can be verified and accepted. In the future, Present() should be made idempotent.	2018-04-11 11:27:23 +01:00
Maxim Ivanov	8cbb75f9ba	Fix error formatting	2018-04-10 15:46:43 +01:00
James Munnelly	43373cd766	Adjust exponential backoff base value	2018-04-10 01:50:44 +01:00
James Munnelly	b9813b13db	Requeue Certificate if target secret is deleted	2018-04-10 01:31:09 +01:00
James Munnelly	add2c76923	Don't trigger resync if ingresses or secrets change	2018-04-10 01:27:18 +01:00
James Munnelly	c05d255675	Use AddRateLimited for the scheduled work queue	2018-04-10 01:05:37 +01:00
James Munnelly	ce441d604f	Enable DNS01 provider tests using cloudflare	2018-04-10 00:27:52 +01:00
James Munnelly	857420fbd3	Use adler32 hash for acme http01 resource labels	2018-04-09 23:27:16 +01:00
James Munnelly	c83b479b2f	Remove extra CreateOrder event	2018-04-09 21:29:31 +01:00
James Munnelly	1d52cbeec7	Remove unused strings and standardise event reasons	2018-04-09 21:26:38 +01:00
James Munnelly	d197817fa7	Improve error reporting and use of status conditions	2018-04-09 21:17:51 +01:00
James Munnelly	e8e6785e9a	Immediately create a new order if old one has expired	2018-04-09 20:08:18 +01:00
James Munnelly	1485546ed5	Clear ACME order URL if FinalizeOrder fails with 4xx error	2018-04-09 20:02:26 +01:00
James Munnelly	9aa3bb52a3	Fix invalid json tags	2018-04-09 19:44:16 +01:00
James Munnelly	801d882c4b	Only manually remove challenges on successful validation	2018-04-09 19:29:02 +01:00
James Munnelly	8f2bab6f05	Fix infinite loop in logger middleware	2018-04-09 19:09:46 +01:00
James Munnelly	5a434865ad	Add acme client logger middleware	2018-04-09 19:06:41 +01:00
James Munnelly	47465d645b	Use item based exponential backoff rate limiter	2018-04-09 18:33:36 +01:00
James Munnelly	ae3b4836b5	Clean up successful validations. Fix up failed validation handling.	2018-04-09 18:16:02 +01:00
James Munnelly	99d7a7b99a	Fix ACME DNS provider unit tests	2018-04-09 17:57:33 +01:00
Maxim Ivanov	bd84b7c29c	Make acme client transport to be closer to DefaultTransport Helps with things such as HTTP_PROXY env var handling	2018-04-09 17:46:29 +01:00
James Munnelly	32cab11676	Fix rebase issues	2018-04-09 17:18:34 +01:00

1 2 3 4 5 ...

341 Commits