weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
5,885 Commits 45 Branches 0 Tags 96 MiB
811069cac7
Commit Graph

5885 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jonathan Prates
811069cac7 fix: do not create secret labels if template is empty 
Signed-off-by: jonathansp <jonathansimonprates@gmail.com>
 2021-08-03 01:19:11 +01:00
Jonathan Prates
9f36f8984b feat: copy SecretTemplate api to v1alpha2 v1alpha3 and v1beta1 
Signed-off-by: jonathansp <jonathansimonprates@gmail.com>
 2021-08-03 01:19:11 +01:00
Jonathan Prates
1f87c098a1 fix: update autogenerated code 
Signed-off-by: jonathansp <jonathansimonprates@gmail.com>
 2021-08-03 01:19:11 +01:00
Jonathan Prates
0569997ede feat: update crds 
Signed-off-by: jonathansp <jonathansimonprates@gmail.com>
 2021-08-03 01:19:11 +01:00
Jonathan Prates
ababc24670 fix: add SetCertificateSecretTemplate function comment 
Signed-off-by: jonathansp <jonathansimonprates@gmail.com>
 2021-08-03 01:19:11 +01:00
Jonathan Simon Prates
91cecb65e1 fix: add optional annotation to secretTemplate field 
Signed-off-by: jonathansp <jonathansimonprates@gmail.com>
Co-authored-by: Josh Van Leeuwen <joshua.vanleeuwen@jetstack.io>
 2021-08-03 01:19:11 +01:00
Jonathan Simon Prates
82f1828857 fix: typo in function's comment 
Signed-off-by: jonathansp <jonathansimonprates@gmail.com>
Co-authored-by: Richard Wall <wallrj@users.noreply.github.com>
 2021-08-03 01:19:11 +01:00
Jonathan Prates
d29e89c948 chore: update function documentation and fix typo 
Signed-off-by: jonathansp <jonathansimonprates@gmail.com>
 2021-08-03 01:19:11 +01:00
Jonathan Prates
936ad33539 fix: ensure secret annotations and labels will be copied if updated in the cert 
Signed-off-by: jonathansp <jonathansimonprates@gmail.com>
 2021-08-03 01:19:11 +01:00
Jonathan Prates
47bc03e7c4 feat: add support to secretTemplates 
Signed-off-by: jonathansp <jonathansimonprates@gmail.com>
 2021-08-03 01:19:11 +01:00
jetstack-bot
94d854c525
Merge pull request #4244 from RinkiyaKeDad/new_featureset 
adding a new feature set for Public ACME servers
 2021-08-02 12:57:06 +01:00
Arsh Sharma
89bf0022d6 changes from pair programming sesh 
Signed-off-by: Arsh Sharma <arshsharma461@gmail.com>
 2021-08-02 16:22:51 +05:30
jetstack-bot
52e505a1ef
Merge pull request #4283 from irbekrm/bump_base_images 
Bump base image versions
 2021-07-30 17:28:49 +01:00
jetstack-bot
b04e42c437
Merge pull request #4253 from JoshVanL/apiextensions-v1beta1-v1 
Conversion: Apiextensions v1beta1 -> v1
 2021-07-30 15:49:49 +01:00
jetstack-bot
edf76f14cf
Merge pull request #4282 from JoshVanL/kube-kind-digest-v1.22.0-rc.0 
Updates the kind cluster for v1.22 to v1.22.0-rc.0
 2021-07-30 14:40:15 +01:00
Arsh Sharma
58410f5deb added comment for skip 
Signed-off-by: Arsh Sharma <arshsharma461@gmail.com>
 2021-07-30 18:21:58 +05:30
irbekrm
439d664e86 Bump base image versions 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-07-30 12:52:05 +01:00
Arsh Sharma
8ce7ca8d63 testing: seeing if skip option fixes the failing tests 
Signed-off-by: Arsh Sharma <arshsharma461@gmail.com>
 2021-07-30 17:00:56 +05:30
joshvanl
d3f3f458ed Updates the kind cluster for v1.22 to v1.22.0-rc.0 
https://console.cloud.google.com/gcr/images/jetstack-build-infra-images/EU/kind@sha256:fa600aa4b8234235e141fab085126e2a72c3d8f05eed44d38bf343091c51d192/details?tab=info

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-07-30 12:06:22 +01:00
jetstack-bot
5543772de0
Merge pull request #4254 from JoshVanL/admission-v1beta1-v1 
Remove v1beta1 from admission review
 2021-07-30 10:57:54 +01:00
jetstack-bot
25320ceaa8
Merge pull request #4252 from JoshVanL/admissionregistration-v1beta1-v1 
Change admissionregistration.k8s.io v1beta1 to v1 in integration tests
 2021-07-29 20:44:41 +01:00
joshvanl
1d926e8e50 Adds UserInfo fields to conversion webhook tests 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-07-29 17:35:13 +01:00
jetstack-bot
6d13f910ef
Merge pull request #4271 from maelvls/forget-scheduler-item-deletedfunc 
Revert the `Forget` call that was happening on every Certificates and Orders sync
 2021-07-29 17:02:41 +01:00
joshvanl
d261e2eadb Defined AdmissionReviewVersions:[]string{"v1"} in API webhook 
configuration integration tests

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-07-29 14:54:17 +01:00
joshvanl
a09c93f885 Set integration apiserver webhook configuration to use AdmissionReviewVersions=[]string{"v1"} 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-07-29 14:11:46 +01:00
joshvanl
29514ff09d Adds v1beta1 as a supported admissionReviewVersion with a note as to 
why it is listed even though we don't support it

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-07-29 11:10:25 +01:00
joshvanl
fbfe48cad8 Change webhook manifests for mutation and validation to only accept v1 
in admissionReviewVersions

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-07-29 11:10:25 +01:00
joshvanl
bd95b3779c Change integration test apiserver to only be configured with v1 
admission configuration

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-07-29 11:10:25 +01:00
joshvanl
8470ba96f0 Change webhook admission/mutation to no longer understand and reject anything which is not 
v1 (remove v1beta1)

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-07-29 11:10:24 +01:00
jetstack-bot
b92fc91208
Merge pull request #4267 from JoshVanL/ctl-remove-pkg-util 
Move exported cmd util func to package where it is used
 2021-07-29 11:02:12 +01:00
Maël Valais
e4f981da66 Revert "memory leak: clean up scheduler goroutine on cert deletion" 
This reverts commit 641960b6. The reason we decided to revert this is
that we are unsure about the implications of adding the
scheduledWorkQueue.Forget call. The new Forget call is left untested,
and it makes us nervous not to know exactly if it works as intended.

The "Forget" memory leak that we are reverting now is the cause of a
tiny fraction of the overall memory leakage that was fixed in the PR
in the scheduler itself.  Reverting this means that some goroutines will
be leaked, but only when a Certificate gets removed and never recreated
with the same name.

Signed-off-by: Maël Valais <mael@vls.dev>
 2021-07-28 19:19:39 +02:00
jetstack-bot
8ae179b8f5
Merge pull request #4261 from SgtCoDFish/tsuru-ca-chain-without-root 
CA chain fix without root
 2021-07-28 17:18:41 +01:00
joshvanl
6c5a4897b6 Adds note as to why v1beta1 is still an accepted 
`conversionReviewVersion`

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-07-28 15:49:50 +01:00
joshvanl
b3ece6708a Adds v1beta1 as a conversionReviewVersion but don't actually support 
it

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-07-28 15:36:58 +01:00
jetstack-bot
d062176777
Merge pull request #4243 from inteon/improved_go_routines 
Cleanup goroutine management
 2021-07-28 15:36:41 +01:00
Inteon
78d13787e6
remove duplicated error messages & cobra help messages on error 
Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>
 2021-07-28 15:55:14 +02:00
joshvanl
1f4343d98e Move exported cmd util func to package where it is used. Removes util 
package

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-07-28 14:25:17 +01:00
Ashley Davis
2ee4abeb24
handle individual certs in ParseSingleCertificateChain 
roots are handled differently because they're their own CAs

also adds test cases for each of:

- a lone leaf
- a lone intermediate
- a lone root

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2021-07-28 14:06:57 +01:00
Wilson Júnior
18235e3624
Improve ParseSingleCertificateChain when no root is present 
Fixes when the certificate chain does not have a root CA,
in which case the chain should contain all available intermediates
and ca.crt should contain the rootmost certificate.

Co-authored-by: Josh Van Leeuwen <joshua.vanleeuwen@jetstack.io>
Signed-off-by: Wilson Júnior <wilsonpjunior@gmail.com>
Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2021-07-28 14:05:19 +01:00
Inteon
d867fcc44d
remove unnecessary wait.Until 
Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>
 2021-07-27 21:43:54 +02:00
Inteon
d430113666
remove os.Exit from cert-manager controller and make sure LeaderElection ReleaseOnCancel works 
Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>
 2021-07-27 21:40:42 +02:00
jetstack-bot
3b50d78ae4
Merge pull request #4225 from jakexks/ingressv1 
Feature: Support both v1 and v1beta1 ingresses.
 2021-07-27 20:11:37 +01:00
Inteon
48e9c2bd16
exit with exit code 0 on cancel & release leader-election on cancel 
Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>
 2021-07-27 19:43:08 +02:00
jetstack-bot
ed38011aa2
Merge pull request #4260 from mozz-lx/enableServiceLabels 
Enabling serviceLabels for webhook service.
 2021-07-27 17:49:37 +01:00
Jake Sanders
d69a48c1dc
Add comment to exported ConvertedGVKAnnotation constant. 
Co-authored-by: Maël Valais <mael@vls.dev>
Signed-off-by: Jake Sanders <i@am.so-aweso.me>
 2021-07-27 17:01:50 +01:00
Jake Sanders
90f006c907
nit: imports 
Signed-off-by: Jake Sanders <i@am.so-aweso.me>
 2021-07-27 16:58:59 +01:00
mortega
d525001f80 Adding webhook.serviceLabels to README template 
Signed-off-by: Marco Ortega <mortega@brightcove.com>
 2021-07-27 10:24:29 -05:00
Arsh Sharma
2baaea339f created a fs for long domain 
Signed-off-by: Arsh Sharma <arshsharma461@gmail.com>
 2021-07-27 19:13:19 +05:30
mortega
feee2fd76c Enabling serviceLabels for webhook service. 
Signed-off-by: Marco Ortega <mortega@brightcove.com>
 2021-07-27 07:03:16 -05:00
jetstack-bot
d35a7c9226
Merge pull request #4251 from irbekrm/opt_annotations 
Allows to configure which annotations get copied from Certificate
 2021-07-27 11:31:37 +01:00