Commit Graph

3346 Commits

Author SHA1 Message Date
jetstack-bot
7f92e38988
Merge pull request #6614 from rodrigorfk/feat-vault-mtls
feat: Add the ability to communicate with Vault via mTLS
2024-02-16 18:11:26 +00:00
Tim Ramlot
23ab96de91
use unstructured.Unstructured in Mutation webhook
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-12 11:11:33 +01:00
Tim Ramlot
b9a216cdfc
Simplify webhook and switch Webhook to controller-runtime.
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-12 10:55:32 +01:00
Tim Ramlot
ffb47e52fa
remove dead & deprecated code from cert-manager codebase
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-10 17:22:23 +01:00
jetstack-bot
c4c0fd3268
Merge pull request #6744 from andrey-dubnik/master
Move token audiences under the SA ref for the Vault kubernetes auth
2024-02-09 11:58:18 +00:00
Tim Ramlot
c3b8cbd608
improve comment that explains what removeReqID does and when it fails
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-08 17:20:36 +01:00
Tim Ramlot
06b3cd3372
add testcase for nested errors
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-08 17:15:28 +01:00
Tim Ramlot
deab9548c0
use errors.Is instead of errors.As
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-08 17:15:28 +01:00
Tim Ramlot
893d30d938
migrate to github.com/aws/aws-sdk-go-v2
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-08 17:15:28 +01:00
cloudwiz
75d1449903
move audiences under the SA ref
Signed-off-by: cloudwiz <andrey.dubnik@maersk.com>
2024-02-08 14:07:03 +00:00
Tim Ramlot
04220447bc
remove deprecated files and functions
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-08 10:45:06 +01:00
jetstack-bot
968ad2f9ed
Merge pull request #6724 from inteon/fix_sans_critical
Fix changed behavior: set critical flag of SANs extension based on subject
2024-02-07 13:55:30 +00:00
Adam Talbot
a8bb63f0fc
fix: move server package out of internal
Currently the TLS code here is imported by the approver-policy project. Long term we should break this code out to a new package; for now we can just move it out of internal to unblock our ability to update the approver-policy imports.

Signed-off-by: Adam Talbot <adam.talbot@venafi.com>
2024-02-07 11:31:17 +00:00
Tim Ramlot
0acde5b1a4
fix changed behavior: set critical flag of SANs extension based on subject
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-07 11:01:34 +01:00
cloudwiz
624f874d69
updated spelling and generated CRDs
Signed-off-by: cloudwiz <andrey.dubnik@maersk.com>
2024-02-06 15:06:31 +00:00
cloudwiz
9cf9cb7ea5
Vault extra audiences (#3)
---------

Signed-off-by: cloudwiz <andrey.dubnik@maersk.com>
2024-02-06 10:06:17 +00:00
Tim Ramlot
899d55ae57
remove webhook conversion logic
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-02 11:19:08 +01:00
Tim Ramlot
5b8c1213b6
redact the body of failed authentication requests
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-01-31 10:05:00 +01:00
jetstack-bot
0b33337f1d
Merge pull request #6679 from wallrj/remove-DisableInstanceDiscovery-field
Remove unnecessary Azure workload identity setting: DisableInstanceDiscovery: true
2024-01-30 19:45:27 +00:00
Richard Wall
67e06fce78
A hack to DisableInstanceDiscovery during tests
Signed-off-by: Richard Wall <richard.wall@venafi.com>
2024-01-30 18:03:05 +00:00
Tim Ramlot
b9dd4903ad
improve error message logging
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-01-30 16:55:37 +01:00
Richard Wall
420d3114df
Remove unnecessary Azure workload identity setting: DisableInstanceDiscovery: true
Signed-off-by: Richard Wall <richard.wall@venafi.com>
2024-01-30 15:50:05 +00:00
Tim Ramlot
90cbbc9d87
replace the azcore.ResponseError error message to make it stable across retries
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-01-30 16:20:52 +01:00
Tim Ramlot
5ac022ad70
remove versionchecker, because it was moved to cert-manager/cmctl
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-01-29 11:50:09 +01:00
Richard Wall
ee5cba487a
Stop using the deprecated SingleInflight field of miekg/dns
Signed-off-by: Richard Wall <richard.wall@venafi.com>
2024-01-26 17:53:50 +00:00
Rodrigo Fior Kuntzer
199c98689f
feat: supporting Vault server mTLS
Signed-off-by: Rodrigo Fior Kuntzer <rodrigo@miro.com>
2024-01-15 09:25:30 -03:00
Tim Ramlot
67f8a03cae
update AzureDNS auth API comments
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-01-12 12:07:02 +01:00
Tim Ramlot
9a049532d0
Update Azure SDK and remove deprecated autorest dependency
Co-authored-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
Signed-off-by: Philip Laine <philip.laine@gmail.com>
2024-01-12 12:06:34 +01:00
jetstack-bot
a1c134e78c
Merge pull request #6574 from ThatsMrTalbot/tls-metrics-endpoint
feat: add tls to metrics endpoint
2024-01-10 14:48:17 +00:00
SpectralHiss
892e6eef01
Fix OtherName Value UniversalValue .Type() detection
Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>
2024-01-10 10:35:43 +00:00
SpectralHiss
0b83f78fff
Remove redundant otherName match tests
* We do not need to include otherName in fuzzy certificate detection checks

Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>
2024-01-09 17:02:24 +00:00
Tim Ramlot
3dad3f320b
don't check OtherNames when fuzzy matching
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-01-09 16:41:13 +01:00
Tim Ramlot
736896d264
introduce UniversalValue 'Type()'
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-01-09 16:40:32 +01:00
SpectralHiss
38c2b33a71
Add otherName detection to TestSecretDataAltNamesMatchSpec
Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>
2024-01-09 14:01:09 +00:00
SpectralHiss
b6fdcede90
Add test for different order OtherName value
* Simplify sorting implementation for OtherName slice equality

Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>
2024-01-09 11:39:17 +00:00
SpectralHiss
7b13c72fed
Detect otherName changes to CR trigger reissuance
Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>
2024-01-09 09:58:43 +00:00
jetstack-bot
c3304feec5
Merge pull request #6618 from SpectralHiss/hef/missed-otherName-changes
Hef/missed other name changes
2024-01-09 09:44:29 +00:00
jetstack-bot
4edb4b0ad0
Merge pull request #6619 from ThatsMrTalbot/feat/http-max-body-size
feat: limit the size of the body read back from http requests
2024-01-08 20:41:08 +00:00
Adam Talbot
d0ec66237c
feat: limit the size of the body read back from http requests
Signed-off-by: Adam Talbot <adam.talbot@venafi.com>
2024-01-08 20:28:01 +00:00
SpectralHiss
d186b61414
Add attribution to pkg/util/pki/asn1_util.go
Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>
2024-01-08 13:34:09 +00:00
SpectralHiss
d07dd3de5f
Fix OtherName feature flag validation logic
* Improve test comments for UniversalValue

Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>
2024-01-08 13:34:09 +00:00
jetstack-bot
e0189a6a30
Merge pull request #6607 from inteon/deprecate_util_function
Deprecate URLsFromStrings which is only used in other deprecated functions
2024-01-05 15:23:16 +00:00
Tim Ramlot
c584ee6dfb
use generics for mustAllSync variants
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-01-05 11:58:14 +01:00
Tim Ramlot
a49bc65b03
deprecate URLsFromStrings which is only used in other deprecated functions
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-01-05 11:50:13 +01:00
Adam Talbot
d27fcc2762
refactor: refactored metrics server code into internal package
Signed-off-by: Adam Talbot <adam.talbot@venafi.com>
2024-01-04 15:49:25 +00:00
Richard Wall
7bda41c282
Use io instead of deprecated ioutil
Signed-off-by: Richard Wall <richard.wall@venafi.com>
2024-01-04 15:05:24 +00:00
Tim Ramlot
8ca617a8ea
replace custom util function with k8s.io/apimachinery/util/sets
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-01-04 14:38:30 +01:00
jetstack-bot
24d0fddec5
Merge pull request #6593 from inteon/use_slices
Use slices go library
2024-01-04 13:36:02 +00:00
jetstack-bot
d2f3f12f47
Merge pull request #6592 from inteon/add_long_cert_chain_test
Add tests for the improvements made in #6561
2024-01-04 13:18:02 +00:00
Tim Ramlot
e157729991
fix typo in name and add comment explaining genericEqualUnsorted
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-01-04 14:02:36 +01:00