weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
6,563 Commits 45 Branches 0 Tags 96 MiB
75b49ab641
Commit Graph

1015 Commits

Author SHA1 Message Date
jetstack-bot
2f4f8aea50
Merge pull request #4848 from JoshVanL/test-e2e-certificates-aof-check-feature 
Adds check in additionaloutputformat e2e test suite for ServerSideApply feature gate
 2022-02-14 10:11:52 +00:00
jetstack-bot
12a2148df3
Merge pull request #4794 from JoshVanL/controllers-server-side-apply-issuers 
Server Side Apply: Adds support for [Cluster]Issuer controller to use SSA with Feature Gate
 2022-02-11 19:37:01 +00:00
joshvanl
82346f9027 Adds check in additionaloutputformat e2e test suite for ServerSideApply 
which is required to be enabled

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-11 17:07:25 +00:00
joshvanl
f73d6584fb Fix copyright year. Remove carrot from OWNERS string match 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-11 16:26:56 +00:00
joshvanl
d1ffb0ad0d Adds roundtrip tests for issuer and cluster issuer serialize 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-11 16:26:56 +00:00
joshvanl
5f1249efe9 Adds issuer and cluster issuer integration tests to ensure mapped 
conditions

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-11 16:26:56 +00:00
joshvanl
9946c84760 Fix NewController signature in certificates integration test 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-11 16:17:47 +00:00
joshvanl
4dc6c957d4 Adds review comments 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-11 16:15:57 +00:00
joshvanl
6b3cde9327 Fix apply[_test].go package names 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-11 16:15:57 +00:00
joshvanl
067863f83a Revert issuing integration test to again check for Issuing condition 
being removed

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-11 16:15:57 +00:00
joshvanl
a8909f9b91 Update integration tests for passing field manager. Add integration 
tests for certificate condition field open api tags

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-11 16:15:56 +00:00
Ashley Davis
fc4f130755
Change handling of time in ctl integration tests 
Two main changes:

1. Timezones

Because the tests were run in bazel or in CI environments, they always
ran in UTC, but the behaviour of ctl is based on local time, not UTC. We
show "not after" in the local timezone.

Now, we parse the "not after" time from the output so that its timezone
is respected and should pass on any developer laptop even outside of
bazel.

2. Created At

There was previously a pretty big regex for checking that "Created at"
was a valid timestamp. Now, we simply parse the timestamp using the Go
standard library to confirm that it's a valid RFC3339 timestamp.

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-02-10 15:29:51 +00:00
joshvanl
19b68c9ba2 Update SecretTemplate comments on policy checks 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-07 15:02:51 +00:00
joshvanl
d5365af662 Adds e2e tests for additional output formats 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-07 14:43:25 +00:00
joshvanl
ab45d640ea Adds integration tests for additional output formats 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-07 14:42:04 +00:00
Ashley Davis
3a055cc2f5
rename all uses of github.com/jetstack/cert-manager 
This was done by running the following command twice:

 ```bash
 grep -Ri "github.com/jetstack/cert-manager" . | \
 cut -d":" -f1 | \
 sort | \
 uniq | \
 xargs sed -i
 "s/github.com\/jetstack\/cert-manager/github.com\/cert-manager\/cert-manager/"
 ```

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-02-02 09:08:31 +00:00
joshvanl
fb6e0b9f00 Pass FieldManager down to issuing controller->secrets manager 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-27 13:56:29 +00:00
joshvanl
1df5afc028 Update secret template e2e test for new issuing controller field manager 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-27 12:51:49 +00:00
jetstack-bot
b12d78d364
Merge pull request #4746 from JoshVanL/controller-readiness-certificates-spec-match 
Certificates controller policies refactor
 2022-01-27 12:45:40 +00:00
James Munnelly
d03d98967d Fix webhook kubernetes config in integration tests 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:56:50 +00:00
James Munnelly
708de3c580 webhook: use new admission-plugin backed validation and mutation handlers 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:56:46 +00:00
joshvanl
38b7b930c8 Add tests from rebase and more policies under 
/internal/controller/certificates

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-19 14:31:05 +00:00
joshvanl
3b148347ad Move temporary certificate policy init into policy package 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-19 14:30:00 +00:00
joshvanl
f1cafae95f Refactor trigger policies to be more generic and be used by multiple 
controllers

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-19 14:30:00 +00:00
joshvanl
919ad916b2 Gix golang references to feature gate package 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-19 14:30:00 +00:00
joshvanl
c18571a78d Remove json tags from internal API types. 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-18 14:04:53 +00:00
jetstack-bot
051a763ee5
Merge pull request #4638 from JoshVanL/controllers-certificates-secret-template 
SecretTemplate reconciliation. SecretManager Apply
 2022-01-18 13:28:57 +00:00
jetstack-bot
37411c8c3d
Merge pull request #4736 from SgtCoDFish/movefuzz 
Move integration tests to test/integration
 2022-01-18 12:53:04 +00:00
Ashley Davis
6429b65235
fix manual invocation of versionchecker testdata fetch 
Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-01-17 17:41:43 +00:00
Ashley Davis
f2d8a33dd7
Add a build tag for the e2e test only 
This was initially part of #4565 which was closed in favour of moving
integration tests, but the consensus was that the e2e test is a special
case.

The e2e test requires so much more ahead-of-time setup that our bazel
build flow special cases it by marking it manual. This is a `go test`
equivalent to that, which enables the e2e test to remain under the test/
directory while still allowing `go test ./test/...` to work generally
for all other tests.

We'll add make targets for the e2e tests down the road. For now, we add
the build tag and define it in bazel so this commit should be a no-op
in effect.

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-01-17 15:32:30 +00:00
joshvanl
b6ae0af775 Don't run AdditionalOutputFormats e2e test if the feature gate is not 
enabled

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:55:50 +00:00
joshvanl
196d0011ca Remove SecretTemplate controller and move logic into issuing controller 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
735e72205e Adds integration test for SecretTemplate controller 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
b13e4d4531 Update unit test package for secret manager unit tests, adds user agent 
to integration tests

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
7a4be1edfd Copy across an existing secret type in secrets manager since that field 
is immutable.

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
a56b6a8596 Fix CA injector test to only create a Secret of type kubernetes.io/tls 
since that field is immutable, and shouldn't change from Opaque

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
5660b80888 Gix golang references to feature gate package 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
a9bd3f37dc Use feature gate shared map for determining whether secret template 
tests should run

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
81b164289a Fixes spelling in e2e test 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
43c72dd490 Update Certificates SecretTemplate API comments 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
5707fea92e Skip SecretTemplate Certificate controller e2e tests if 
ExperimentalSecretApplySecretTemplateControllerMinKubernetesVTODO
feature is not enabled.

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
50b6fd09f1 Updates integration issuing_controller_test for new SecretManager New 
func signature

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
5004482435 Adds secrettemplate e2e tests 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
685dd79c0c Makes some minor API naming changes, and clears up some docs around the 
Certifcate's additional output formats.

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-14 20:00:26 +00:00
Ashley Davis
1605f9794f
move fuzzing tests to test/integration/fuzz/% 
These tests have external dependencies (rendered CRDs) which mean they
can't pass on a clean checkout without further setup. We define such
tests as integration tests, and so these are moved to test/integration.

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-01-14 15:36:00 +00:00
Thierry Sallé
d0094ce277 [e2e] Add more e2e test for additional output formats 
Signed-off-by: Thierry Sallé <seuf76@gmail.com>
 2022-01-14 11:10:32 +01:00
Thierry Sallé
7f8641dd94 [additionalOutputFormats] Update comments and add more tests 
Signed-off-by: Thierry Sallé <seuf76@gmail.com>
 2022-01-14 11:10:32 +01:00
Thierry
81f308221b Add certifcate additionalOutputFormats parameter 
DER Format to create key.der binary format of the private key.

CombinedPEM Format to create tls-combined.pem containing tls.key + tls.crt.

Added Unit and e2e tests for secret with Additional output format.

Feature flag AdditionalCertificateOutputFormats to enable feature.

Signed-off-by: Thierry Sallé <seuf76@gmail.com>
 2022-01-14 11:10:32 +01:00
jetstack-bot
f1813d0368
Merge pull request #4730 from SgtCoDFish/movednstest 
move RFC2136 DNS01 tests to test/integration
 2022-01-13 11:10:04 +00:00
Ashley Davis
92f78e8f8d
move RFC2136 DNS01 tests to test/integration 
Since this test requires setup before it can successfully run,
we define it as an integration test and move it here so that on a
fresh checkout a user can always run `go test ./pkg/...` and expect that
it would succeed.

Also:

- tweaks some comments
- adds methods for getting nameserver / tsig algorithm from DNSProvider

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-01-12 16:00:10 +00:00