If /etc/resolv.conf does not have any entries, then its unlikely
that the domain name representation of google's DNS would get
resolved too. Hence using IP address directly makes sense.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Rename Event types to be prefixed 'Err' instead of 'Error' for brevity
**What this PR does / why we need it**:
Shortens the event type names we use to be prefixed 'Err' instead of 'Error'
**Special notes for your reviewer**:
This brings us in-line with the issuer and cluster issuer controllers, and other controllers in Kubernetes.
**Release note**:
```release-note
Rename Event types to be prefixed 'Err' instead of 'Error' for brevity
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Log potential errors while waiting for DNS record propagation
**What this PR does / why we need it**:
This helps debugging, e.g. if there are network problems.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Added Azure DNS support for DNS01 challange
**What this PR does / why we need it**:
Adds another provider (Azure DNS) for DNS01 challange
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#230
**Special notes for your reviewer**:
**Release note**:
```release-note
ACME DNS-01 challenge mechanism for Azure DNS
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Update Secrets instead of replacing to preserve additional metadata
**What this PR does / why we need it**:
Previously we always overwrite the existing certificate if it already existed. Some users have requested a way to automatically create the target secrets using a helm chart, so that all artifacts can be cleaned up cleanly upon `helm delete`.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
Fixes#192
**Release note**:
```release-note
Update existing secrets instead of replacing in order to preserve annotations/labels
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix panic in acme authorize function
**What this PR does / why we need it**:
Fixes a panic in the authorize() method of the acme issuer
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
Fixes#206
**Release note**:
```release-note
Fix a bug in the ACME authorizer that would cause cert-manager to panic when certificate.spec.acme was not specified
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Improve validation of certificates. Fix bug in checking certificate validity
**What this PR does / why we need it**:
Improves the validation of dnsNames and commonNames on certificate resources.
Fixes a bug in checking certificate validity.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
Fixes#176, fixes#175
**Release note**:
```release-note
Fix a bug in checking certificate validity and improve validation of dnsNames and commonName
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add basic validation to ACME issuer
**What this PR does / why we need it**:
Improves validation of existing certificate resources
**Release note**:
```release-note
Fix bugs when checking validity of certificate resources
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Set TLS certificate secret type to TLS type
**What this PR does / why we need it**:
Set the Kubernetes secret type to TLS
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
Fixes#133
**Release note**:
```release-note
Set the Kubernetes secret type to TLS.
Action required: this will cause renewals of existing certificates to fail. You **must** delete certificates that have been previously produced by cert-manager else cert-manager may enter a renewal loop when saving the new certificates. Alternatively, you may specify a new secret to store your certificate in and manually update your ingress resource/applications reference the secret.
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Only ever create http01 solver service instead of also updating
**What this PR does / why we need it**:
Previously the ensureService function was written to update a service if it already exists. There should never be a case where the http01 solver needs to update an existing *service*, so this PR simplifies this functionality into a simple `createService` function.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Error if existing presented key and expected key do not match
**What this PR does / why we need it**:
A type in the HTTP01 solver caused it to not return an error if the key presented by the ingress and the expected key do not match.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
Fixes#163
**Special notes for your reviewer**:
**Release note**:
```release-note
Fix bug in ACME HTTP01 solver causing self-check to return true before paths have propagated
```
