weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
5,540 Commits 45 Branches 0 Tags 96 MiB
91540b14a2
Commit Graph

1036 Commits

Author SHA1 Message Date
jetstack-bot
91540b14a2
Merge pull request #4100 from JoshVanL/certificate-signing-request-selfsigned 
CertificateSigningRequest selfsigned controller
 2021-06-15 12:36:39 +01:00
joshvanl
19f94c877d Remove references to CA private key from SelfSigned CSR controller 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-06-15 12:13:52 +01:00
joshvanl
d5007c2e37 Adds the CertificateSigningRequest selfsigned controller 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-06-14 10:18:54 +01:00
irbekrm
e6b748047d Remove the default renewBefore value 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-06-11 10:03:12 +01:00
joshvanl
abdd1f54fa Fix CA CertificateSigningRequest controller to return potential error 
from updating failed status

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-06-07 17:48:49 +01:00
joshvanl
d4fd4f9acc Move determining Issuer resource Kind into CSR/util 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-06-07 15:27:43 +01:00
joshvanl
1678d0833e Reverts ACME issuer from forming a chain bundle and populating the 
ca.crt

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-06-02 12:21:50 +01:00
joshvanl
36bd7a459c Changes CSR util signername to use if statements rather than switch 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-05-28 10:34:43 +01:00
joshvanl
acc5431f1b Fix signernames to allow clusterissuers with dots in name 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-05-28 10:13:00 +01:00
joshvanl
9e1b0342d0 Updates with review comments 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-05-27 18:48:50 +01:00
joshvanl
e014b6655d Use ca.crt with the CertificateSigningRequest CA controller 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-05-27 10:49:21 +01:00
joshvanl
62dee4783e Adds CertificateSigningRequest CA Issuer controller as optional 
controller

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-05-27 00:32:24 +01:00
joshvanl
3b74c34089 Adds CertificateSigningRequest CA Issuer controller 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-05-27 00:25:02 +01:00
joshvanl
c5c206cace Adds base CertificateSigningRequest cert-manager controller 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-05-27 00:23:50 +01:00
jetstack-bot
efd8b7a076
Merge pull request #3866 from jandersen-plaid/jandersen-plaid-make-orders-unique-to-controlling-cr 
Hash orders with the issuing certificate request to ensure unique hash
 2021-05-21 17:34:25 +01:00
jandersen-plaid
b5fe7ecdca Update pkg/controller/certificaterequests/acme/acme.go 
Co-authored-by: Ashley Davis <SgtCoDFish@users.noreply.github.com>
Signed-off-by: Jack Andersen <jandersen@plaid.com>
 2021-05-21 12:08:22 -04:00
jandersen-plaid
cd1d8a2788 Update pkg/controller/certificaterequests/acme/acme_test.go 
Co-authored-by: Ashley Davis <SgtCoDFish@users.noreply.github.com>
Signed-off-by: Jack Andersen <jandersen@plaid.com>
 2021-05-21 12:08:07 -04:00
jandersen-plaid
ed88ce6030 Update pkg/controller/certificaterequests/acme/acme_test.go 
Co-authored-by: Ashley Davis <SgtCoDFish@users.noreply.github.com>
Signed-off-by: Jack Andersen <jandersen@plaid.com>
 2021-05-21 12:07:40 -04:00
Ashley Davis
219a620871
static analysis fixes 
pkg/ctl/scheme.go:17:1: package comment should be of the form "Package ctl ..."
pkg/issuer/acme/dns/acmedns/acmedns.go:43:2: var accountJson should be accountJSON
pkg/issuer/acme/dns/acmedns/acmedns.go:50:43: func parameter accountJson should be accountJSON
pkg/controller/certificates/trigger/policies/policies.go:57:1: comment on exported type Chain should be of the form "Chain ..." (with optional leading article)
pkg/controller/ingress-shim/sync.go:36:2: package "github.com/jetstack/cert-manager/pkg/logs" is being imported more than once (ST1019)
pkg/controller/ingress-shim/sync.go:37:2: other import of "github.com/jetstack/cert-manager/pkg/logs"

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2021-05-21 12:04:11 +01:00
Ashley Davis
c67c2c4f47
static analysis: pkg/controller 
fixes the following issues:

pkg/controller/acmeorders/util.go:84:6 deadcode `hashChallenge` is unused
pkg/controller/certificaterequests/approver/approver.go:72:14 staticcheck SA4021: x = append(y) is equivalent to x = y
pkg/controller/certificaterequests/vault/vault_test.go:535:21 errcheck Error return value of `controller.Register` is not checked
pkg/controller/certificates/trigger/policies/policies.go:121:26 gosimple S1039: unnecessary use of fmt.Sprintf
pkg/controller/clusterissuers/sync_test.go:55:12 errcheck Error return value of `c.Register` is not checked
pkg/controller/ingress-shim/sync.go:301:2 gosimple S1005: unnecessary assignment to the blank identifier

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2021-05-21 12:03:47 +01:00
irbekrm
e1dff85cad
Feedback from code review 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-05-21 12:03:47 +01:00
irbekrm
17728b8437
Handle cert renewal when renewalBefore slightly less than cert duration correctly 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-05-21 12:03:47 +01:00
Josh Soref
64fb1ebc91 Deprecate UsageContentCommittment 
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
 2021-05-19 12:40:10 -04:00
irbekrm
06f6b46f30 Implements feedback from code review 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-05-19 13:20:05 +01:00
irbekrm
bbfd2294f9 Integration test for ACME Orders controller 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-05-19 13:11:48 +01:00
irbekrm
d8c941da8e Refactors creation of ACME Orders controller 
So that it easier used with the existing test framework and also is more similar to how most other controllers are created

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-05-19 13:11:18 +01:00
irbekrm
8d55b69796 Unit test pending ACME order with valid challenges 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-05-19 13:06:12 +01:00
irbekrm
1e235c79f2 Re-queue Order with finalized Challenges, but pending state 
To avoid stuck Orders in case of a misbehaving ACME server

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-05-19 13:05:44 +01:00
irbekrm
a42771b7e4 Adds a bunch of comments for exported types 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-05-19 10:19:43 +01:00
irbekrm
2cce594de1 Don't compare two booleans 
Part of work towards fixing errors shown by static analysis tools

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-05-19 10:17:18 +01:00
irbekrm
881fb2ddea Make tests fail if controller registration fail 
Part of work towards fixing errors discovered by static analysis tools

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-05-19 10:16:59 +01:00
Jack Andersen
b48e9664a6 Only use the new hash on certificate request names > 52 chars 
Signed-off-by: Jack Andersen <jandersen@plaid.com>
 2021-05-18 09:08:30 -04:00
Tamal Saha
7b63788f52 Cleanup codegen script 
Signed-off-by: Tamal Saha <tamal@appscode.com>
 2021-05-17 08:11:19 -07:00
Tamal Saha
b1cb6422e4 Use controller-runtime v0.9.0-beta.0 
Signed-off-by: Tamal Saha <tamal@appscode.com>
 2021-05-17 08:11:19 -07:00
jetstack-bot
0ff2b8778c
Merge pull request #3983 from JoshVanL/parse-certificate-chain-venafi 
Parse certificate chain venafi
 2021-05-13 14:21:14 +01:00
jetstack-bot
22ff380f39
Merge pull request #3984 from JoshVanL/parse-certificate-chain-acme 
Parse certificate chain acme
 2021-05-13 13:50:14 +01:00
jetstack-bot
96ea5e51d4
Merge pull request #3985 from JoshVanL/parse-certificate-chain-ca 
Parse certificate chain CA Issuer
 2021-05-13 13:23:14 +01:00
joshvanl
58a25314f7 Changes CR CA controller to use ECDSA keys 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-05-12 15:07:25 +01:00
joshvanl
ea2cfdc3c9 Updates CA issuer to updates SignCSRTemplate and propagate CA 
certificate down

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-05-12 14:22:59 +01:00
joshvanl
e4d3d3f725 Change ParseCertificateChain to ParseSingleCertificateChain 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-05-12 14:17:41 +01:00
joshvanl
33fcf0d082 Uses ParseCertificateChainPEM for ACME Order Response 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-05-12 14:17:02 +01:00
joshvanl
d69a4e1a3c Change ParseCertificateChain to ParseSingleCertificateChain 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-05-12 14:15:54 +01:00
joshvanl
1030bbadb5 Change Venafi Signer to use ParseCertificateChain to populate Status.CA 
correctly

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-05-12 14:14:47 +01:00
Jake Sanders
ef2a830614
./hack/update-bazel.sh 
Signed-off-by: Jake Sanders <i@am.so-aweso.me>
 2021-05-11 14:50:28 +01:00
Jake Sanders
79d8d9cb7b
Revert "Merge pull request #3724 from inteon/istio-virtualservice-for-http01" 
This reverts commit 80f27739b5, reversing
changes made to 96604d02a3.

Signed-off-by: Jake Sanders <i@am.so-aweso.me>
 2021-05-11 14:50:25 +01:00
Jake Sanders
423e82b65b
Revert "Merge pull request #3939 from JoshVanL/istio-api-to-internal-apis" 
This reverts commit f2a74ade5e, reversing
changes made to 7ff54e61e9.

Signed-off-by: Jake Sanders <i@am.so-aweso.me>
 2021-05-11 14:50:23 +01:00
jetstack-bot
3434c78188
Merge pull request #3960 from wallrj/538-lint-fixes-richardw 
Fix some linting errors
 2021-05-07 11:50:34 +01:00
Richard Wall
fc1f6ffea9 ./hack/update-deps.sh 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-05-07 09:55:09 +01:00
Richard Wall
3811847872 Fail benchmark if scheduleN returns an error 
pkg/controller/acmechallenges/scheduler/scheduler_test.go:84:16                          errcheck     Error return value of `s.scheduleN` is not checked
pkg/controller/acmechallenges/scheduler/scheduler_test.go:98:16                          errcheck     Error return value of `s.scheduleN` is not checked
pkg/controller/acmechallenges/scheduler/scheduler_test.go:112:16                         errcheck     Error return value of `s.scheduleN` is not checked
pkg/controller/acmechallenges/scheduler/scheduler_test.go:314:51                         errcheck     Error return value of `` is not checked

Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-05-07 09:55:09 +01:00
Richard Wall
c9eb75c447 Remove unused test-case field 
pkg/controller/certificaterequests/venafi/venafi_test.go:787:2                           structcheck  `issuer` is unused

Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-05-07 09:55:09 +01:00