JoshVanL
|
72d6d030c8
|
Adds Create expected action to webhook bootstrap tests due to always
Create being attempted
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
|
2020-02-04 17:34:00 +00:00 |
|
JoshVanL
|
c940b30ac1
|
Added comment around recursive function call and cleans up Create/Update
code
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
|
2020-02-04 16:59:48 +00:00 |
|
JoshVanL
|
fa75ced013
|
Updates webhook bootstrap tests to for new single reconcile key/cert
generation
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
|
2020-02-04 14:49:26 +00:00 |
|
JoshVanL
|
e58022462e
|
Moves key generation to same reconcile as webhook certificate signing to
do single creation/update of Secret
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
|
2020-02-04 14:48:45 +00:00 |
|
James Munnelly
|
1f7f23895d
|
Ensure fetched certificate is valid for CSRs public key before issuing
Signed-off-by: James Munnelly <james@munnelly.eu>
|
2020-01-22 16:42:58 +00:00 |
|
jetstack-bot
|
fbab741817
|
Merge pull request #2513 from munnerz/add-v1alpha3
Create v1alpha3 API version
|
2020-01-20 16:37:31 +00:00 |
|
jetstack-bot
|
b7e83b5382
|
Merge pull request #2508 from JoshVanL/cr-invalid-request
CertificateRequest InvalidRequest
|
2020-01-20 14:17:31 +00:00 |
|
James Munnelly
|
72ea226b41
|
Update controllers to use validation registry
Signed-off-by: James Munnelly <james@munnelly.eu>
|
2020-01-20 10:05:54 +00:00 |
|
JoshVanL
|
2f3fe4c3d7
|
Reduce comments by removing invalid data in CR implementations doing
better InvalidRequest checking
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
|
2020-01-17 14:11:25 +00:00 |
|
JoshVanL
|
b989f4e604
|
Remove cert-manager core issuers from marking CR as InvalidRequest
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
|
2020-01-17 13:35:05 +00:00 |
|
Joshua Mathianas
|
cc802cc16e
|
made code review changes
Signed-off-by: Joshua Mathianas <mathianasj@gmail.com>
|
2020-01-17 07:31:25 -05:00 |
|
Joshua Mathianas
|
eed8f67587
|
fixed which namespace to find secret in based on if its a clusterissuer for venafi
Signed-off-by: Joshua Mathianas <mathianasj@gmail.com>
|
2020-01-16 12:19:49 -05:00 |
|
JoshVanL
|
c38466dc9c
|
Update certificate request controller sync_test.go
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
|
2020-01-10 09:41:55 +00:00 |
|
JoshVanL
|
f9f8fbd311
|
Add InvalidRequest condition check to Certificate controller:
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
|
2020-01-09 15:14:21 +00:00 |
|
JoshVanL
|
1c9557b729
|
Adds InvalidRequest condition set to CertificateRequest controllers
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
|
2020-01-09 15:13:54 +00:00 |
|
James Munnelly
|
9daad6dd93
|
Update tests to ensure temporary certificates are not re-issued when dnsNames mismatch
Signed-off-by: James Munnelly <james@munnelly.eu>
|
2019-12-16 15:11:07 +00:00 |
|
James Munnelly
|
7076041de6
|
Don't overwrite existing certificates when issuing a temporary certificate
Signed-off-by: James Munnelly <james@munnelly.eu>
|
2019-12-16 13:53:38 +00:00 |
|
James Munnelly
|
ff8c68348a
|
Update checks.go for external account bindings
Signed-off-by: James Munnelly <james@munnelly.eu>
|
2019-12-11 12:37:36 +00:00 |
|
jetstack-bot
|
4073080089
|
Merge pull request #2416 from munnerz/fixup-expiry-metrics
Fix certificate controller expiry metrics
|
2019-12-10 17:25:15 +00:00 |
|
James Munnelly
|
1f3b883cfd
|
Don't overwrite order.status.url if return Order's URI is empty
Signed-off-by: James Munnelly <james@munnelly.eu>
|
2019-12-03 16:49:31 +00:00 |
|
James Munnelly
|
641fe0da7c
|
Switch to using upstream golang.org/x/crypto
Signed-off-by: James Munnelly <james@munnelly.eu>
|
2019-12-03 16:49:31 +00:00 |
|
James Munnelly
|
698e7a522a
|
Fix certificate controller expiry metrics
Signed-off-by: James Munnelly <james@munnelly.eu>
|
2019-11-29 18:29:23 +00:00 |
|
JoshVanL
|
232b1133fd
|
Adds more tests for deprecated secret annotations and update secret
annotations if deprecated ones exist
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
|
2019-11-27 15:12:25 +00:00 |
|
JoshVanL
|
0d9d0eeb22
|
Allow secrets with legacy annotations for issuer name and kind to match
existing certificates
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
|
2019-11-26 12:13:58 +00:00 |
|
jetstack-bot
|
5ec141c107
|
Merge pull request #2382 from JoshVanL/cr-controller-issuer-ready
Check for Issuer readiness in CR controllers
|
2019-11-26 09:40:30 +00:00 |
|
JoshVanL
|
de7aaa84d3
|
Update CertificateRequest controller unit tests
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
|
2019-11-19 22:09:01 +00:00 |
|
JoshVanL
|
3bcc038c09
|
Check for Issuer readiness in CR controllers
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
|
2019-11-19 20:31:44 +00:00 |
|
James Munnelly
|
fdce8c6406
|
Fix Sync() method to allow time for testing informers to sync
Signed-off-by: James Munnelly <james@munnelly.eu>
|
2019-11-14 19:43:02 +00:00 |
|
JoshVanL
|
d6248d20bd
|
Make vault issuer to point to resource namespace over certificaterequest
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
|
2019-11-13 11:02:43 +00:00 |
|
jetstack-bot
|
f46029b999
|
Merge pull request #2324 from CoaxVex/master
Correct order api group owner reference when creating challenges
|
2019-11-07 17:39:34 +00:00 |
|
jetstack-bot
|
57e045fd96
|
Merge pull request #2316 from JoshVanL/2312-check-all-vault-secrets
Ensure we check all the secrets that vault cluster issuers may be
|
2019-11-07 17:39:25 +00:00 |
|
Nils Cant
|
765a0cb21d
|
Correct order api group owner reference when creating challenges
Signed-off-by: Nils Cant <nils.cant@vargen.io>
|
2019-11-05 15:22:32 +01:00 |
|
JoshVanL
|
bca6ebc520
|
Ensure key usages are set on CertificateRequests created by the
Certificate controller
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
|
2019-11-05 14:22:25 +00:00 |
|
JoshVanL
|
3406f5a465
|
Ensure we check all the secrets that vault cluster issuers may be
watching
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
|
2019-11-01 16:02:57 +00:00 |
|
James Munnelly
|
00ad3446ef
|
Surface ACME Challenge failure reason on Challenge resource if available
Signed-off-by: James Munnelly <james@munnelly.eu>
|
2019-10-29 09:22:08 +00:00 |
|
jetstack-bot
|
87aedeb04c
|
Merge pull request #2225 from munnerz/wildcard-field-ptr
Make ACMEAuthorization.Wildcard field a pointer
|
2019-10-15 19:05:05 +01:00 |
|
jetstack-bot
|
8d12d351e8
|
Merge pull request #2216 from JoshVanL/move-IngressEditInPlaceAnnotationKey-to-acme
Move IngressEditInPlaceAnnotationKey into acme API
|
2019-10-15 13:53:19 +01:00 |
|
James Munnelly
|
56b1fdd379
|
Make ACMEAuthorization.Wildcard a *bool
Signed-off-by: James Munnelly <james@munnelly.eu>
|
2019-10-15 12:35:11 +01:00 |
|
JoshVanL
|
536dc150ab
|
Move IngressEditInPlaceAnnotationKey into acme API
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
|
2019-10-14 16:32:41 +02:00 |
|
James Munnelly
|
ef55bd5807
|
Mark Order & Challenge resources as Errored if 4xx error is received
Signed-off-by: James Munnelly <james@munnelly.eu>
|
2019-10-11 09:30:17 +01:00 |
|
James Munnelly
|
6b19892908
|
Fix regression in certificates controller setting owner references
Signed-off-by: James Munnelly <james@munnelly.eu>
|
2019-10-09 11:33:21 +01:00 |
|
JoshVanL
|
2e1a534642
|
The ingress shim checks certificate common names and ensures they are
empty
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
|
2019-10-03 16:57:54 +01:00 |
|
jetstack-bot
|
482eac596a
|
Merge pull request #2085 from JoshVanL/certificate-URISANs
Adds URISANs field to Certificate
|
2019-10-03 10:59:47 +01:00 |
|
JoshVanL
|
7d615ff8e4
|
Remove getting secret from lister in matches spec func
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
|
2019-10-03 10:01:57 +01:00 |
|
Ingo Gottwald
|
be3f1e3fd2
|
Remove use of deprecated client.MatchingField
Signed-off-by: Ingo Gottwald <in.gottwald@gmail.com>
|
2019-10-02 20:47:58 +02:00 |
|
JoshVanL
|
dc7cc388e1
|
Converts acme test to UpdateStatus
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
|
2019-10-02 17:51:37 +01:00 |
|
JoshVanL
|
7965be9b41
|
Adds from comments
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
|
2019-10-02 17:48:37 +01:00 |
|
JoshVanL
|
b6bce10b2f
|
Adds CommonName e2e tests for new behaviour
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
|
2019-10-02 17:48:37 +01:00 |
|
JoshVanL
|
66cda5cbd7
|
Only match for common name in DNS names if common name was given
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
|
2019-10-02 17:48:37 +01:00 |
|
JoshVanL
|
54f8069a78
|
Make annotation of secret if nil to prevent panic
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
|
2019-10-02 17:48:37 +01:00 |
|