Richard Wall
8f9ccf3b42
Reduce memory usage by only caching the metadata of Secret resources
...
Signed-off-by: Richard Wall <richard.wall@venafi.com>
2024-07-10 10:07:18 +01:00
Tim Ramlot
c58b08e7b7
pki match: remove return values that are always nil
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-07-02 13:38:35 +02:00
cert-manager-prow[bot]
50abeda40d
Merge pull request #6987 from cbroglie/renew-before-pct
...
feat: Add renewBeforePercentage alternative to renewBefore
2024-07-01 09:45:23 +00:00
Christopher Broglie
0f74d7536e
Add renewBeforePercentage alternative to renewBefore
...
Since the actual duration is unknown until a cert has been issued,
providing an absolute duration for renewBefore can result in accidental
renewal loops. The new renewBeforePercentage field computes the
effective renewBefore using the actual duration, allowing users to
better express intent while maintaining backwards compatibility.
Fixes #4423, resolves #5821
Signed-off-by: Christopher Broglie <cbroglie@cloudflare.com>
2024-06-29 21:18:15 -07:00
Tim Ramlot
e906cb8db0
BUGFIX: Venafi issuer and clusterissuer checks were failing due to nil pointer exception
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-06-28 10:03:43 +02:00
cert-manager-prow[bot]
837c6a1e06
Merge pull request #7036 from fidelity-contributions/feature/5514-venafi-issuer-ca-ref-support
...
Feature/5514 - Add SecretRef support for venafi TPP issuer CA Bundle
2024-06-24 14:18:20 +00:00
Tim Ramlot
7572d3075f
add testcase
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-06-20 13:35:06 +02:00
Tim Ramlot
9e649cc8f1
only retry when encountering a Vault non-InvalidData error
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-06-20 13:35:02 +02:00
Tim Ramlot
03e1db1b77
BUGFIX: retry signing when encountering transient error
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-06-19 06:06:11 +02:00
cert-manager-prow[bot]
9f8707d0f8
Merge pull request #4330 from joshmue/vault_client_cert_auth
...
Add client certificate auth method for Vault issuer
2024-06-18 12:19:57 +00:00
Tim Ramlot
363a63ac96
Add client certificate authentication for Vault issuers
...
Co-authored-by: Maël Valais <mael@vls.dev>
Signed-off-by: Joshua Mühlfort <muehlfort@gonicus.de>
2024-06-17 09:16:26 +02:00
Tim Ramlot
e0cdfd37bf
introduce gen.CSRForCertificate and gen.CSRWithSignerForCertificate and use it to deduplicate test code
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-06-14 15:53:18 +02:00
Tim Ramlot
52320fbeea
fix contextcheck linter
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-05-07 12:19:41 +02:00
Tim Ramlot
dd4f5f4e39
fix unparam linter
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-30 10:47:21 +02:00
Tim Ramlot
0306731635
fix asasalint linter
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-29 17:45:07 +02:00
Tim Ramlot
24e47ff364
fix predeclared linter
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-29 17:32:49 +02:00
Tim Ramlot
d6404482e3
fix loggercheck linter
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-29 16:48:59 +02:00
Tim Ramlot
ae98ba806b
fix gocritic linter
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-29 15:50:47 +02:00
Tim Ramlot
042f59d283
fix unused linter
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-29 15:29:00 +02:00
Tim Ramlot
085136068a
fix misspell linter
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-29 15:21:07 +02:00
Tim Ramlot
a8b5178fc5
fix dupword linter
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-29 13:47:25 +02:00
Tim Ramlot
9db044b232
fix gci linter
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-04-29 13:47:25 +02:00
Erik Godding Boye
003c1b12e8
Promote AdditionalCertificateOutputFormats feature gate to Beta and enable by default
...
Signed-off-by: Erik Godding Boye <egboye@gmail.com>
2024-04-28 17:29:35 +02:00
Adam Talbot
a7f089b64c
feat: graduate gateway-api to beta and enable by default
...
Signed-off-by: Adam Talbot <adam.talbot@venafi.com>
2024-04-25 17:05:58 +01:00
Tim Ramlot
20fa3169bf
Merge pull request #6927 from yj-yoo/remove_deprecated_function
...
Graduate 'DisallowInsecureCSRUsageDefinition' to GA
2024-04-24 15:23:42 +01:00
Sankalp Yengaldas
adc7cd0f06
add testcases and generate deepcopy methods
...
Signed-off-by: Sankalp Yengaldas <sankalp.yb@fmr.com>
2024-04-24 10:14:31 -04:00
Youngjun
d2988a906a
refactoring: remove deprecated function
...
- remove deprecated function
- comment update beta to ga (and version)
Signed-off-by: Youngjun <yj.yoo@okestro.com>
2024-04-22 22:57:52 +09:00
Youngjun
237dfd9f0d
refactoring: remove unnecessary code
...
Signed-off-by: Youngjun <yj.yoo@okestro.com>
2024-04-22 14:24:59 +09:00
jetstack-bot
b61de55abd
Merge pull request #6865 from wallrj/5803-cert-manager-user-agent-venafi-issuer
...
Add user-agent header in requests to Venafi API
2024-03-27 15:33:00 +01:00
deterclosed
e50052aded
chore: remove repetitive words
...
Signed-off-by: deterclosed <fliter@outlook.com>
2024-03-23 13:37:59 +08:00
Richard Wall
95a347cbc2
Supply tests with a non-nil REST config in controller.Context
...
Signed-off-by: Richard Wall <richard.wall@venafi.com>
2024-03-20 12:21:48 +00:00
Richard Wall
cca333d1db
Supply User-Agent string to the Venafi controllers
...
Signed-off-by: Richard Wall <richard.wall@venafi.com>
2024-03-20 11:35:10 +00:00
Mangesh Hambarde
f3bfc93bba
JSON encoded secretTemplate as Ingress annotation
...
Signed-off-by: Mangesh Hambarde <1411192+mangeshhambarde@users.noreply.github.com>
2024-03-13 14:37:28 +00:00
Mangesh Hambarde
717269e809
Add tests
...
Signed-off-by: Mangesh Hambarde <1411192+mangeshhambarde@users.noreply.github.com>
2024-03-13 14:18:21 +00:00
Mangesh Hambarde
efe2e06288
New Ingress annotation for copying custom annotations to secret template
...
Signed-off-by: Mangesh Hambarde <1411192+mangeshhambarde@users.noreply.github.com>
2024-03-13 14:18:21 +00:00
Tim Ramlot
23373e4323
correctly initialize loggers, create contexts and pass contexts
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-03-08 14:32:31 +01:00
Bill Waldrep
d4911ebfaa
Add optional flag to specify jks keystore alias.
...
Previously the JKS keystore alias was hardcoded to "certificate".
This change adds an optional configuration point to allow users
to specify a custom keystore alias. If the flag is omitted we
will default to the previous behavior.
Signed-off-by: Bill Waldrep <bwaldrep@palantir.com>
2024-03-04 13:23:09 -05:00
Bill Waldrep
bf3d202c72
add new utility method to clarify cert decoding semantics
...
Signed-off-by: Bill Waldrep <bwaldrep@palantir.com>
2024-03-04 12:47:27 -05:00
Bill Waldrep
251610d951
include full CA chain contents in encoded pkcs12/jks stores
...
Signed-off-by: Bill Waldrep <bwaldrep@palantir.com>
2024-02-28 11:50:19 -05:00
Tim Ramlot
6c6d18d0b8
remove the github.com/pkg/errors as a direct dependency
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-22 19:52:00 +01:00
jetstack-bot
f643eef2b2
Merge pull request #6755 from import-shiburin/master
...
bugfix: wrong certificate chain is used if preferredChain is configured
2024-02-20 15:29:07 +00:00
Tim Ramlot
b77910d785
change signature of SetCertificateDuration and SetCertificateRenewBefore
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-20 08:40:38 +01:00
Tim Ramlot
0ed660873e
fix incorrect comments and error messages
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-16 19:49:28 +01:00
Tim Ramlot
205067b834
update tests to match the current Let's Encrypt setup
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-16 15:23:45 +01:00
Tim Ramlot
672aad41bf
don't call ListCertAlternates if default chain matches the preferred chain
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-16 15:23:22 +01:00
Sam Lee
ff5c4103a0
remove URL verification from alternateCertChain tests
...
Signed-off-by: Sam Lee <me@shibuya-rin.moe>
2024-02-13 22:42:00 +09:00
Sam Lee
94509d0490
changed term 'alt' to 'preferred'
...
Signed-off-by: Sam Lee <me@shibuya-rin.moe>
2024-02-13 22:12:53 +09:00
Sam Lee
b9ac41726c
make getAltCertChain check only topmost certificate
...
Signed-off-by: Sam Lee <me@shibuya-rin.moe>
2024-02-13 19:10:16 +09:00
Sam Lee
811cc7908e
fix getAltCertChain not considering primary chain as candidate
...
Signed-off-by: Sam Lee <me@shibuya-rin.moe>
2024-02-13 19:10:16 +09:00
Tim Ramlot
ffb47e52fa
remove dead & deprecated code from cert-manager codebase
...
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
2024-02-10 17:22:23 +01:00