Commit Graph

308 Commits

Author SHA1 Message Date
Richard Wall
76fe8e2bbd Ignore eab.KeyAlgorithm deprecation warning
Signed-off-by: Richard Wall <richard.wall@venafi.com>
2024-01-04 15:36:59 +00:00
Tim Ramlot
41404a7fd7 rename UseCertificateRequestNameConstraints to NameConstraints
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-01-03 15:49:18 +01:00
jetstack-bot
cc8925ae9f Merge pull request #6404 from SpectralHiss/hef/otherNameSANs
Other name SANs support in Certificates
2024-01-03 14:16:23 +00:00
Houssem El Fekih
c90fd33fb8 Update internal/apis/certmanager/types_certificate.go
Co-authored-by: Ashley Davis <SgtCoDFish@users.noreply.github.com>
Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>
2024-01-03 13:29:03 +00:00
jetstack-bot
4af78fe98a Merge pull request #6548 from snorwin/modern-pkcs12
New option to specify encryption and MAC algorithms for PKCS#12 keystores.
2024-01-03 12:54:22 +00:00
Tim Ramlot
8223df9e91 rename Algorithms to Profile
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-01-03 13:45:02 +01:00
Houssem El Fekih
5cc5c8169f Update internal/apis/certmanager/types_certificate.go
Co-authored-by: Ashley Davis <SgtCoDFish@users.noreply.github.com>
Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>
2024-01-03 11:57:39 +00:00
Richard Wall
036e3a8e74 Replace all uses of sets.String with the generic sets.Set
Signed-off-by: Richard Wall <richard.wall@venafi.com>
2024-01-02 17:24:38 +00:00
pevidex
5ce1cfec9c test: add missing test for ed25519 key algorithm
Signed-off-by: pevidex <ricardojosexavier@hotmail.com>
2023-12-25 01:26:40 +00:00
pevidex
8a516503de fix: mention ed25519 on validation webhook error when key is not valid
Signed-off-by: pevidex <ricardojosexavier@hotmail.com>
2023-12-25 01:24:59 +00:00
jetstack-bot
ebb955f3f0 Merge pull request #6565 from ThatsMrTalbot/fix/flag-validation-not-called
fix: validation functions are not called anywhere
2023-12-21 09:11:11 +00:00
Adam Talbot
59184de02f test: add tests for config validation functions
Signed-off-by: Adam Talbot <adam.talbot@venafi.com>
2023-12-21 08:58:02 +00:00
jetstack-bot
c7714e65f0 Merge pull request #6551 from wallrj/gosec-601
Fix gosec G601: Implicit memory aliasing of items from a range statement
2023-12-20 18:21:37 +00:00
Richard Wall
4de9e956e5 Fix gosec G601: Implicit memory aliasing of items from a range statement
Signed-off-by: Richard Wall <richard.wall@venafi.com>
2023-12-20 17:25:41 +00:00
Tim Ramlot
24794feac0 update API comments
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2023-12-20 11:26:52 +01:00
SpectralHiss
e7f29f8bb3 UTF8Value -> utf8Value in CRD JSON schema
* Still following Go standard with UTF8Value for struct field name

Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>
2023-12-20 08:30:54 +00:00
SpectralHiss
c87a2f6691 Add early feedback validation for otherName syntax and tests
* Fixed warning

Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>
2023-12-19 20:02:02 +00:00
Adam Talbot
247a034116 feat: update gateway api to v1
Signed-off-by: Adam Talbot <adam.talbot@venafi.com>
2023-12-18 21:00:42 +00:00
Norwin Schnyder
ebf58b9967 apply PR feedback
Signed-off-by: Norwin Schnyder <norwin.schnyder+github@gmail.com>
2023-12-15 10:52:57 +01:00
Allen Mun
9b09aa87a7 Add flag and field to customize leaf duration on dynamic certificates
Signed-off-by: Allen Mun <allen.mun@capitalone.com>
2023-12-13 15:45:52 -05:00
SpectralHiss
95b9345a5d Make UTF8Value godoc comment more clear
Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>
2023-12-13 17:05:12 +00:00
SpectralHiss
4bdee5f010 Rename otherNameSANs to otherNames
* Improve the CRD godoc comments

Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>
2023-12-13 16:21:56 +00:00
Norwin Schnyder
aa79285bed fix enum annotation
Signed-off-by: Norwin Schnyder <norwin.schnyder+github@gmail.com>
2023-12-13 12:31:28 +00:00
Norwin Schnyder
879ec53961 backport comment to internal api
Signed-off-by: Norwin Schnyder <norwin.schnyder+github@gmail.com>
2023-12-13 12:03:27 +00:00
Norwin Schnyder
b8ad8a3704 apply PR feedback
Signed-off-by: Norwin Schnyder <norwin.schnyder+github@gmail.com>
2023-12-13 12:00:39 +00:00
Tim Ramlot
721f71ed60 Refactor the solution
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2023-12-13 09:37:21 +00:00
Tim Ramlot
7b7912022a Add feature gate
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2023-12-13 09:16:06 +00:00
Tim Ramlot
bfd9a65160 Add OtherNameSANs field to Certificates
* Added an otherName SAN extension mechanism
* Can take any otherName OID with a String (UTF-8)-like value
* cf [RFC 5280](https://datatracker.ietf.org/doc/html/rfc5280) p 37 for
  more info
* otherName is only a subset of GeneralName, our specific need is for
  UserPrincipalName used in Microsoft AD/LDAP
* We treat UPN special but we might remove this in a later commit

Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>
2023-12-13 09:12:23 +00:00
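The otherName mechanism described in the commit above, and the otherName syntax validation and otherNames/utf8Value rename in the SpectralHiss commits earlier on this page, as an added example that is not cert-manager's code and does not use its API: it encodes an RFC 5280 otherName whose value is a UTF8String under Microsoft's UPN type-id, places it in a subjectAltName extension next to a dNSName, and parses the otherName back out. The identifiers `MarshalOtherNameUTF8`, `BuildSANExtension`, `ExtractUTF8OtherNames` and `OIDUserPrincipalName` are this example's own.

```go
package main

import (
	"crypto/x509/pkix"
	"encoding/asn1"
	"fmt"
)

// Added example, not cert-manager's code: build an RFC 5280 otherName SAN
// carrying a UTF8String (the Microsoft UPN shape the commit above targets),
// put it in a subjectAltName extension and parse it back out.

var (
	oidSubjectAltName = asn1.ObjectIdentifier{2, 5, 29, 17}
	// szOID_NT_PRINCIPAL_NAME, the otherName type-id Microsoft uses for UPNs.
	OIDUserPrincipalName = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 20, 2, 3}
)

// otherName mirrors OtherName ::= SEQUENCE { type-id OID, value [0] EXPLICIT ANY }.
// Value holds the pre-built [0] EXPLICIT wrapper, since encoding/asn1 ignores
// tag parameters on RawValue fields.
type otherName struct {
	TypeID asn1.ObjectIdentifier
	Value  asn1.RawValue
}

// MarshalOtherNameUTF8 encodes GeneralName.otherName: [0] IMPLICIT OtherName
// whose value is [0] EXPLICIT UTF8String.
func MarshalOtherNameUTF8(typeID asn1.ObjectIdentifier, value string) ([]byte, error) {
	utf8DER, err := asn1.MarshalWithParams(value, "utf8")
	if err != nil {
		return nil, err
	}
	on := otherName{TypeID: typeID, Value: asn1.RawValue{
		Class: asn1.ClassContextSpecific, Tag: 0, IsCompound: true, Bytes: utf8DER}}
	// "tag:0" swaps the SEQUENCE tag for context-specific [0] (IMPLICIT tagging).
	return asn1.MarshalWithParams(on, "tag:0")
}

// BuildSANExtension assembles a non-critical subjectAltName from dNSName
// entries ([2] IMPLICIT IA5String) plus one UTF-8 otherName.
func BuildSANExtension(dnsNames []string, typeID asn1.ObjectIdentifier, value string) (pkix.Extension, error) {
	var names []asn1.RawValue
	for _, d := range dnsNames {
		names = append(names, asn1.RawValue{Class: asn1.ClassContextSpecific, Tag: 2, Bytes: []byte(d)})
	}
	onDER, err := MarshalOtherNameUTF8(typeID, value)
	if err != nil {
		return pkix.Extension{}, err
	}
	names = append(names, asn1.RawValue{FullBytes: onDER})
	sanDER, err := asn1.Marshal(names) // SEQUENCE OF GeneralName
	if err != nil {
		return pkix.Extension{}, err
	}
	return pkix.Extension{Id: oidSubjectAltName, Value: sanDER}, nil
}

// ExtractUTF8OtherNames walks a subjectAltName value and returns every
// otherName whose value is a UTF8String, keyed by dotted type-id; other
// GeneralName choices (dNSName, rfc822Name, ...) are skipped.
func ExtractUTF8OtherNames(sanDER []byte) (map[string]string, error) {
	var seq asn1.RawValue
	rest, err := asn1.Unmarshal(sanDER, &seq)
	if err != nil {
		return nil, err
	}
	if len(rest) != 0 || seq.Class != asn1.ClassUniversal || seq.Tag != asn1.TagSequence {
		return nil, fmt.Errorf("subjectAltName is not a single SEQUENCE")
	}
	out := map[string]string{}
	for body := seq.Bytes; len(body) > 0; {
		var gn asn1.RawValue
		next, err := asn1.Unmarshal(body, &gn)
		if err != nil {
			return nil, err
		}
		body = next
		if gn.Class != asn1.ClassContextSpecific || gn.Tag != 0 {
			continue
		}
		var typeID asn1.ObjectIdentifier
		var wrapper, inner asn1.RawValue
		after, err := asn1.Unmarshal(gn.Bytes, &typeID)
		if err != nil {
			return nil, err
		}
		if _, err = asn1.Unmarshal(after, &wrapper); err != nil {
			return nil, err
		}
		if _, err = asn1.Unmarshal(wrapper.Bytes, &inner); err != nil {
			return nil, err
		}
		if inner.Class == asn1.ClassUniversal && inner.Tag == asn1.TagUTF8String {
			out[typeID.String()] = string(inner.Bytes)
		}
	}
	return out, nil
}
```

The [0] EXPLICIT wrapper around the value is built by hand because encoding/asn1 writes a RawValue exactly as given and ignores `tag`/`explicit` parameters on it; the outer [0] IMPLICIT tag for the GeneralName choice is produced by `MarshalWithParams(..., "tag:0")`, which replaces the SEQUENCE tag. The parser rejects trailing bytes after the SAN SEQUENCE and only reports otherNames whose value really is a UTF8String, so a value encoded as IA5String or BMPString is not silently accepted as a UPN.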
Norwin Schnyder
9185ca3195 update internal api for the conversion logic
Signed-off-by: Norwin Schnyder <norwin.schnyder+github@gmail.com>
2023-12-12 19:48:46 +01:00
tanujd11
a29a5913d0 addressed review comments
Signed-off-by: tanujd11 <dwiveditanuj41@gmail.com>
2023-12-07 23:42:35 +05:30
tanujd11
28ca4312b3 fix: additional review comments
Signed-off-by: tanujd11 <dwiveditanuj41@gmail.com>
2023-12-07 22:30:31 +05:30
tanujd11
8d362439a8 fix UTs
Signed-off-by: tanujd11 <dwiveditanuj41@gmail.com>
2023-12-07 22:30:31 +05:30
tanujd11
84d7dd4aed Addressed review comments
Signed-off-by: tanujd11 <dwiveditanuj41@gmail.com>
2023-12-07 22:30:31 +05:30
tanujd11
d1b3e5ca83 Move critical from NameConstraintItem to NameConstraint and remove validateNameConstraints
Signed-off-by: tanujd11 <dwiveditanuj41@gmail.com>
2023-12-07 22:30:29 +05:30
tanujd11
adb9311f56 validate name constraint before signing CSR
Signed-off-by: tanujd11 <dwiveditanuj41@gmail.com>
2023-12-07 22:29:45 +05:30
tanujd11
50d84c1bbc nits: added new line at EOF and comment fix
Signed-off-by: tanujd11 <dwiveditanuj41@gmail.com>
2023-12-07 22:27:42 +05:30
tanujd11
589030dec1 feature: added name constraints
Signed-off-by: tanujd11 <dwiveditanuj41@gmail.com>
2023-12-07 22:27:31 +05:30
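The name-constraints feature added by the tanujd11 commits above, including the "validate name constraint before signing CSR" step, as an added example that is not cert-manager's code: a CA that carries an X.509 name constraints extension, a check of the requested dNSNames against the permitted subtrees that runs before signing, and a chain verification showing why that check matters. The type `NameConstraints` and the functions `matchDNSConstraint`, `CheckDNSNames`, `NewConstrainedCA`, `IssueLeaf` and `VerifyLeaf` are this example's own; excluded subtrees, which the example leaves out for brevity, would be checked the same way and set through `ExcludedDNSDomains`.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"strings"
	"time"
)

// Added example, not cert-manager's code: a CA carrying X.509 name constraints,
// a pre-signing check of requested dNSNames, and the verifier's reaction when
// that check is skipped. All names below are this example's own.

type NameConstraints struct {
	Critical     bool // sets the extension's critical bit
	PermittedDNS []string
}

// RFC 5280 4.2.1.10: "example.test" covers itself and all subdomains, while
// ".example.test" covers subdomains only; DNS labels compare case-insensitively.
func matchDNSConstraint(name, constraint string) bool {
	name, constraint = strings.ToLower(name), strings.ToLower(constraint)
	if strings.HasPrefix(constraint, ".") {
		return strings.HasSuffix(name, constraint)
	}
	return name == constraint || strings.HasSuffix(name, "."+constraint)
}

// CheckDNSNames runs before signing: when permitted subtrees are set, every
// requested name must fall inside one of them.
func CheckDNSNames(nc NameConstraints, dnsNames []string) error {
	for _, n := range dnsNames {
		ok := len(nc.PermittedDNS) == 0
		for _, p := range nc.PermittedDNS {
			ok = ok || matchDNSConstraint(n, p)
		}
		if !ok {
			return fmt.Errorf("dnsName %q is outside permitted subtrees %v", n, nc.PermittedDNS)
		}
	}
	return nil
}

// NewConstrainedCA mints a self-signed CA that carries nc as name constraints.
func NewConstrainedCA(nc NameConstraints) (*x509.Certificate, ed25519.PrivateKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:                big.NewInt(1),
		Subject:                     pkix.Name{CommonName: "constrained-ca"},
		NotBefore:                   time.Now().Add(-time.Hour),
		NotAfter:                    time.Now().Add(24 * time.Hour),
		IsCA:                        true,
		BasicConstraintsValid:       true,
		KeyUsage:                    x509.KeyUsageCertSign,
		PermittedDNSDomains:         nc.PermittedDNS,
		PermittedDNSDomainsCritical: nc.Critical,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	if err != nil {
		return nil, nil, err
	}
	ca, err := x509.ParseCertificate(der)
	return ca, priv, err
}

// IssueLeaf signs a server certificate for dnsNames. x509.CreateCertificate does
// not enforce the parent's name constraints, so skipping CheckDNSNames mints a
// leaf that the verifier will later reject.
func IssueLeaf(ca *x509.Certificate, caKey ed25519.PrivateKey, dnsNames []string) (*x509.Certificate, error) {
	pub, _, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{ // empty subject, so Go marks the SAN critical
		SerialNumber: big.NewInt(2),
		DNSNames:     dnsNames,
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(time.Hour),
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, ca, pub, caKey)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// VerifyLeaf uses ca as the sole trust anchor; this is where Go applies the
// CA's name constraints to the leaf's SANs.
func VerifyLeaf(ca, leaf *x509.Certificate, host string) error {
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	_, err := leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: host})
	return err
}
```

The point of the pre-signing check is that `x509.CreateCertificate` happily signs a leaf for `evil.test` under a CA permitted only for `example.test`; the constraint is enforced by verifiers, and not every client enforces it, so an issuer that relies on downstream rejection can still hand out a certificate that works against lenient clients. The suffix match in `matchDNSConstraint` respects the label boundary (`notexample.test` does not match `example.test`), which a bare `HasSuffix` on the constraint string would get wrong.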
Tim Ramlot
c5d7f15aa1 LiteralCertificateSubject: improve webhook logic
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2023-12-06 16:09:06 +01:00
Tim Ramlot
25eec9514a rename internal API fields to match the fieldnames in the public API
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2023-12-06 13:59:59 +01:00
Jeremy Campbell
dc876fef16 Add x509 v3 CA Issuers Extension
Signed-off-by: Jeremy Campbell <jeremy.campbell@okta.com>
2023-11-16 12:45:16 -06:00
jetstack-bot
6fddbe538f Merge pull request #6433 from vinny-sabatini/issue-5782
fix error message when setting up vault issuer
2023-11-14 16:30:01 +01:00
Tim Ramlot
4c94f3ef10 create ad-hoc schemes instead of sharing global ones
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2023-11-06 21:58:24 +01:00
Vinny Sabatini
ef6ef1f0db additional improvements to vault issuer error messages
When initializing a Vault issuer:

* Create different error messages depending on whether Vault is sealed or not initialized
* Do not explicitly parse the Vault server URL (this is covered when trying to access health endpoint)

Signed-off-by: Vinny Sabatini <vincent.sabatini@kohls.com>
2023-10-20 16:36:11 -05:00
Vincent Sabatini
298ceb3b2a fix error message when setting up vault issuer
* Ensure Vault URL can be parsed
* Separate generic http errors from vault-specific errors when checking the health endpoint

Signed-off-by: Vincent Sabatini <vincent.sabatini@gmail.com>
2023-10-19 08:23:04 -05:00
Tim Ramlot
c51b23497d update the Condition Message for IncorrectCertificate
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2023-10-17 17:43:26 +02:00
Tim Ramlot
b6ba4ded86 add test for SecretCertificateNameAnnotationsMismatch
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2023-10-17 17:31:38 +02:00
Tim Ramlot
15bc387da6 make changes based on feedback
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2023-10-13 19:42:13 +02:00
Tim Ramlot
61bdecf68a only sort the duplicates
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2023-10-11 14:05:50 +02:00
Tim Ramlot
d40dae9d67 Fix DuplicateSecretName issue
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2023-10-11 13:47:44 +02:00
Tim Ramlot
e5f50002e1 introduce configfile for cainjector options
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2023-09-28 12:56:11 +02:00