Commit Graph

212 Commits

Author SHA1 Message Date
Daniel Morsing
88d811b34c change Check function signature
This makes the check function into a simple precondition

Signed-off-by: Daniel Morsing <dmo@jetstack.io>
2019-01-17 16:45:03 +00:00
jetstack-bot
5f96b378e6
Merge pull request #1184 from tlmiller/feature/authnss
Control authoritative dns01 server check.
2019-01-12 15:25:07 +00:00
Thomas Miller
dacd0b45cb Control authoritative dns01 server check.
Adds cmd flag for controlling if authoritative dns servers are used to
check RR propagation or just normal resolvers.

This change is added so that constrained environments can control more
aspects of DNS queries performed.

- Applying PR feedback

Signed-off-by: Thomas Miller <thomas@tlm.id.au>
2019-01-12 20:17:28 +10:00
jetstack-bot
2fc68d9b33
Merge pull request #1197 from munnerz/acme-retain-challenges
Retain Challenge resources for debugging if an Order enters an invalid state
2019-01-11 17:22:11 +00:00
jetstack-bot
c512319bfb
Merge pull request #1188 from kragniz/controller-namespace
Add --namespace flag
2019-01-11 15:14:11 +00:00
James Munnelly
b1df71dd66 Retain Challenge resources for debugging if an Order enters an invalid state
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-01-11 14:04:23 +00:00
James Munnelly
21c7b2e13f Increase ACME control loop max back-off. Increase create order back-off to 1h. Fire Event when Order fails.
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-01-10 22:07:48 +00:00
jetstack-bot
95f63313a9
Merge pull request #1192 from DanielMorsing/add-reason
Add reason when an order/challenge gets marked invalid
2019-01-10 15:25:23 +00:00
Daniel Morsing
cc946c0b45 Populate reason field regardless
If we have an error, then tell people about it.

Signed-off-by: Daniel Morsing <dmo@jetstack.io>
2019-01-10 14:54:43 +00:00
Daniel Morsing
1b921b1583 remove more strict validation
Turns out the ACME server can respond with different codes than the ones listed

Signed-off-by: Daniel Morsing <dmo@jetstack.io>
2019-01-10 14:35:30 +00:00
Daniel Morsing
ba240bbe4e Add reason when an order/challenge gets marked invalid
When an ACME server tells us that a challenge or an order is invalid, it's helpful to get some information on why that's the case. Populate the reason field with the error information so that these issues can be more easily debugged.

Signed-off-by: Daniel Morsing <dmo@jetstack.io>
2019-01-10 14:05:15 +00:00
Louis Taylor
40b68a3e10 Fix more references to clusterIssuer
Signed-off-by: Louis Taylor <louis@kragniz.eu>
2019-01-10 13:52:52 +00:00
Louis Taylor
bbda87b3c8 Add --namespace flag
Signed-off-by: Louis Taylor <louis@kragniz.eu>
2019-01-10 13:52:52 +00:00
James Munnelly
22342b61b3 Fix use of SecretTLSKeyPair in certificates controller
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-01-09 11:39:48 +00:00
James Munnelly
3ac4d19874 Fix bug in challenge scheduler causing invalid results
Previously, we shared a single backing slice when
performing filter operations on slices, causing issues
when we perform sorting operations on that same
underlying slice.

Signed-off-by: James Munnelly <james@munnelly.eu>
2019-01-08 13:53:58 +00:00
James Munnelly
0fcc0c666c Update copyright header year
Signed-off-by: James Munnelly <james@munnelly.eu>
2019-01-07 15:07:55 +00:00
James Munnelly
e3ab52861a Only follow CNAMEs if the Issuer's cnameStrategy is 'Follow'
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-12-04 13:57:13 +00:00
jetstack-bot
fafa0d5b1d
Merge pull request #1120 from munnerz/improved-challenge-scheduler
Switch ACME challenge scheduler to evaluate all challenges at once
2018-11-30 12:29:12 +00:00
jetstack-bot
bed2934534
Merge pull request #1125 from munnerz/issueresponse-ptr
Switch issuer.Issue to return a pointer and fix up setting secret fields
2018-11-30 11:59:12 +00:00
James Munnelly
943e545697 Switch issuer.Issue to return a pointer and fix up setting secret fields
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-30 11:47:08 +00:00
James Munnelly
c890913fb1 Don't update Certificate status condition upon issuance
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-30 10:42:33 +00:00
James Munnelly
bca6ed6e64 Switch ACME challenge scheduler to evaluate all challenges at once
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-29 22:49:55 +00:00
jetstack-bot
f4e5203f1c
Merge pull request #1116 from munnerz/cleanup-challenges
CleanUp ACME challenges after issuing and on delete using finalizer
2018-11-29 15:07:17 +00:00
jetstack-bot
28162cebff
Merge pull request #1119 from munnerz/remove-requeue
Remove requeue option and fix small race in controllers
2018-11-29 13:42:16 +00:00
James Munnelly
f8fe9ef21f Remove requeue option and fix small race in controllers
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-29 12:23:21 +00:00
James Munnelly
939c90c356 Log events in the FakeRecorder in e2e tests
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-29 12:11:42 +00:00
James Munnelly
34c3590052 Store a copy of the signed certificate on the Order resource after Finalize
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-29 12:11:42 +00:00
jetstack-bot
3fbd2ec79c
Merge pull request #1118 from munnerz/controller-remove-rate-limit
Only add resources to the rate limited queue when an error occurs
2018-11-29 11:26:26 +00:00
jetstack-bot
8f37cf6c40
Merge pull request #1117 from munnerz/wildcard-challenge-check
Include wildcard field in comparison of challenge specs
2018-11-29 11:26:17 +00:00
James Munnelly
93a7a89d4e Ensure finalizer is always removed after one sync
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-28 23:19:52 +00:00
James Munnelly
0656d6cf77 Update acmechallenges unit tests
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-28 22:06:03 +00:00
James Munnelly
dd8f98768b CleanUp ACME challenges after issuing and on delete using finalizer
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-28 22:05:47 +00:00
James Munnelly
5907876d47 Only add resources to the rate limited queue when an error occurs
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-28 21:32:09 +00:00
James Munnelly
2e066fdc57 Include wildcard field in comparison of challenge specs
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-28 21:31:21 +00:00
James Munnelly
87f91a6e8e Add explicit check for certificate.spec.acme when issuing acme certificates
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-28 19:18:09 +00:00
James Munnelly
32c230656f Use certificateMatchesSpec for detecting need for re-issuance
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-28 19:17:41 +00:00
James Munnelly
a6b7cade09 Fix up event logging and add an extra event
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-28 19:16:59 +00:00
James Munnelly
2da01a0a01 Resync order resources when their issuers change
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-28 19:16:00 +00:00
James Munnelly
1cbfa7ada7 Resync certificates on changes to their referenced issuers
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-28 17:01:15 +00:00
James Munnelly
dc97dde2ef Make Certificate Ready condition behaviour consistent between all issuer types
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-28 17:00:51 +00:00
jetstack-bot
516622ad55
Merge pull request #1061 from munnerz/ingress-shim-def-issuer-msg
Use Events API to report validation errors with ingress-shim
2018-11-27 17:18:28 +00:00
jetstack-bot
e0691e5827
Merge pull request #1060 from munnerz/orders-events
Add more Events to Orders and Challenges
2018-11-26 17:28:33 +00:00
James Munnelly
4232041710 Use test builder in ingress-shim units and fix tests
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-26 17:07:00 +00:00
jetstack-bot
e2c71e0876
Merge pull request #1062 from munnerz/order-errors
Add Errored type and mark orders as errored when creating fails
2018-11-26 16:48:33 +00:00
James Munnelly
d360eea5e4 Use Events API to report validation errors with ingress-shim
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-11-26 15:48:47 +00:00
jetstack-bot
a21ac37a74
Merge pull request #713 from kragniz/add-prometheus-metrics-endpoint
Add cert-manager specific metrics to Prometheus endpoint
2018-11-26 15:45:33 +00:00
jetstack-bot
2c74eabb1c
Merge pull request #819 from ccojocar/cert_secret_ref
Set the certificate as an owner of the secret
2018-11-26 15:06:33 +00:00
Louis Taylor
39dd82b8a2
Defer UpdateCertificateExpiry earlier
Signed-off-by: Louis Taylor <louis@kragniz.eu>
2018-11-26 13:13:57 +00:00
Louis Taylor
cf872a9fc9
Add prometheus metrics
Count certificate requests

Add certificate_expiry_time_seconds metric

Register certificate_expiry_time_seconds metric, fix kind switch and fix metric status result

Export nameForIssuer and remove unnecessary switch

Refactor metrics into controller context

Move metrics collection into functions

Move error checking for metrics collection back into sync function

Remove space

Add TODO

Move update certificate expiry function to metrics package

Refactor metrics functionality

Signed-off-by: Louis Taylor <louis@kragniz.eu>

Run dep ensure

Signed-off-by: Louis Taylor <louis@kragniz.eu>

Fix build

Signed-off-by: Louis Taylor <louis@kragniz.eu>

Refactor

Signed-off-by: Louis Taylor <louis@kragniz.eu>

Fix reporting errors

Signed-off-by: Louis Taylor <louis@kragniz.eu>

Add comments

Signed-off-by: Louis Taylor <louis@kragniz.eu>

Remove unused issuerType

Signed-off-by: Louis Taylor <louis@kragniz.eu>

Update dep inputs-digest

Signed-off-by: Louis Taylor <louis@kragniz.eu>

Don't update status

Signed-off-by: Louis Taylor <louis@kragniz.eu>

Make metrics package level var

Signed-off-by: Louis Taylor <louis@kragniz.eu>

Add prometheusMetricsServerMaxHeaderBytes comment

Signed-off-by: Louis Taylor <louis@kragniz.eu>

Add failures metric

Signed-off-by: Louis Taylor <louis@kragniz.eu>

Remove issue metrics

TODO: hopefully revert this at some point.
Signed-off-by: Louis Taylor <louis@kragniz.eu>

Assign metrics

Signed-off-by: Louis Taylor <louis@kragniz.eu>

Update dep digest

Signed-off-by: Louis Taylor <louis@kragniz.eu>

Fix copyright header

Signed-off-by: Louis Taylor <louis@kragniz.eu>

Remove old metrics server

Signed-off-by: Louis Taylor <louis@kragniz.eu>

Update bazel files

Signed-off-by: Louis Taylor <louis@kragniz.eu>

Clean up

Signed-off-by: Louis Taylor <louis@kragniz.eu>
2018-11-26 13:13:44 +00:00
jetstack-bot
99e44be850
Merge pull request #1098 from munnerz/challenges-no-error-check
Retry after a fixed 5s if self check is failing & adjust all controllers to use same rate limiter
2018-11-26 13:13:33 +00:00