cert-manager

Author	SHA1	Message	Date
Tim Ramlot	41404a7fd7	rename UseCertificateRequestNameConstraints to NameConstraints Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-01-03 15:49:18 +01:00
jetstack-bot	cc8925ae9f	Merge pull request #6404 from SpectralHiss/hef/otherNameSANs Other name sans support in Certificates	2024-01-03 14:16:23 +00:00
Tim Ramlot	8223df9e91	rename Algorithms to Profile Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-01-03 13:45:02 +01:00
Norwin Schnyder	ebf58b9967	apply PR feedback Signed-off-by: Norwin Schnyder <norwin.schnyder+github@gmail.com>	2023-12-15 10:52:57 +01:00
SpectralHiss	4bdee5f010	Rename otherNameSANs to otherNames * Improve the CRD godoc comments Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>	2023-12-13 16:21:56 +00:00
Norwin Schnyder	b8ad8a3704	apply PR feedback Signed-off-by: Norwin Schnyder <norwin.schnyder+github@gmail.com>	2023-12-13 12:00:39 +00:00
Tim Ramlot	721f71ed60	Refactor the solution Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-12-13 09:37:21 +00:00
Norwin Schnyder	56dcb3e1dd	enhance unit tests Signed-off-by: Norwin Schnyder <norwin.schnyder+github@gmail.com>	2023-12-12 15:06:57 +00:00
Norwin Schnyder	b8f4f3b518	pkcs12 encoding with different algorithms Signed-off-by: Norwin Schnyder <norwin.schnyder+github@gmail.com>	2023-12-12 14:27:00 +00:00
tanujd11	589030dec1	feature: added name constraints Signed-off-by: tanujd11 <dwiveditanuj41@gmail.com>	2023-12-07 22:27:31 +05:30
Tim Ramlot	6f7ebbed7b	replace deprecated pkcs12 function call with pkcs12.LegacyRC2 Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-11-27 12:32:19 +01:00
Tim Ramlot	15bc387da6	make changes based on feedback Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-10-13 19:42:13 +02:00
Tim Ramlot	e63d061269	add tests Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-10-11 13:48:01 +02:00
Tim Ramlot	d40dae9d67	Fix DuplicateSecretName issue Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-10-11 13:47:44 +02:00
Tim Ramlot	860df2294b	fix feedback: make hash secure Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-09-21 13:24:07 +02:00
Tim Ramlot	fa2d9333e3	BUGFIX: CertificateRequest short names must be unique. Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-09-20 14:51:24 +02:00
jetstack-bot	3216d18f84	Merge pull request #6298 from inteon/feature_gates Feature gates: promote StableCertificateRequestName and SecretsFilteredCaching to Beta	2023-08-30 19:25:45 +02:00
Tim Ramlot	cf8e37291a	replace k8s.io/utils/pointer with k8s.io/utils/ptr Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-08-28 09:33:10 +02:00
Tim Ramlot	68cbbf8c42	update tests to work with StableCertificateRequestName featuregate being enabled by default Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-08-25 21:32:08 +02:00
guiyong.ou	ad27e88a4b	fix small possible Signed-off-by: guiyong.ou <guiyong.ou@daocloud.io>	2023-08-14 19:51:52 +08:00
guiyong.ou	3d76c20f51	cleanup: some redundant code clean up Signed-off-by: guiyong.ou <guiyong.ou@daocloud.io>	2023-08-14 17:36:25 +08:00
Tim Ramlot	36ddf19e2e	improve Trigger, Readiness and PostIssuance Policy chains Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-07-24 09:42:19 +02:00
Tim Ramlot	a9339849e5	improve label and annotation checks Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-06-23 17:05:42 +02:00
jetstack-bot	4d1486bbfc	Merge pull request #6168 from inteon/add_public_key_match Add SecretPublicKeysDiffersFromCurrentCertificateRequest check	2023-06-23 16:55:40 +02:00
Tim Ramlot	19377b43b1	fix feedback from @wallrj Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-06-21 15:31:20 +02:00
Tim Ramlot	82499eb75b	fix failing TestNewReadinessPolicyChain test Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-06-20 19:06:02 +02:00
Tim Ramlot	9000a06956	BUGFIX: we incidentally removed the feature gate check that enables the UseCertificateRequestBasicConstraints feature Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-06-14 21:31:25 +02:00
Tim Ramlot	fe4f4e4aa6	re-add TODO comment and make the message more clear Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-06-14 14:51:39 +02:00
Tim Ramlot	8ddf016b00	fix a bug that caused the issuer-ref and certificate-name annotations on Secrets to be correct when being updated. Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-06-13 16:54:32 +02:00
irbekrm	b1a59164e0	Don't import controller's feature gate setup into a shared library To prevent controller's feature gates from overwriting other component's feature gates Signed-off-by: irbekrm <irbekrm@gmail.com>	2023-05-23 12:01:30 +01:00
Tim Ramlot	0cf0f80b40	switch to non-deprecated functions in source code Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-05-10 19:22:49 +02:00
Tim Ramlot	e08a13496d	replace deprecated wait.PollUntil() and wait.Poll() Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-05-09 17:47:53 +02:00
jetstack-bot	50501d2f64	Merge pull request #5824 from irbekrm/controller_partial_metadata Controller partial metadata	2023-04-06 15:38:02 +01:00
irbekrm	de34694516	Makes some updates to CertificateRequests design The design is out of date in general though Signed-off-by: irbekrm <irbekrm@gmail.com>	2023-03-27 09:57:44 +01:00
irbekrm	f5ea958317	Issuing controller fails issuances for denied/invalid CRs This is not necessarily a breaking change as this appears to have been the current behaviour in most cases due to the race condition that this commit fixes Signed-off-by: irbekrm <irbekrm@gmail.com>	2023-03-24 15:37:57 +00:00
irbekrm	7d592a8270	Swap upstream core informers factory with out wrapper This does not actually change how the informers work. This also adds a partial metadata client to root context Signed-off-by: irbekrm <irbekrm@gmail.com>	2023-03-22 09:03:16 +00:00
irbekrm	5d7614ddd4	Passes controller context into all NewController funcs Instead of individual arguments. For readability and consistency. Signed-off-by: irbekrm <irbekrm@gmail.com>	2023-03-22 09:03:16 +00:00
Tim Ramlot	191e7ca305	add (deprecated) stub functions Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-01-23 13:26:37 +01:00
Tim Ramlot	23de5240e9	move utility functions to reduce fragmentation and rename functions for consistency Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-01-23 13:19:39 +01:00
jetstack-bot	1038ca4494	Merge pull request #4502 from ctrought/master support subject and email annotations for ingress/gateway	2023-01-20 14:35:37 +00:00
irbekrm	5e8fd7dc41	Policy check ensures that cert.sepc.secretName secret gets labelled Makes sure that when an unlabelled Secret is encountered at any point (even outside issuance) it will be labelled Signed-off-by: irbekrm <irbekrm@gmail.com>	2023-01-06 18:31:31 +00:00
irbekrm	213949a590	Keymanager controller ensures that temporary private key Secrets are labelled Signed-off-by: irbekrm <irbekrm@gmail.com>	2023-01-06 18:30:34 +00:00
irbekrm	c7465fd921	Issuing controller ensures that cert.spec.secretName secrets are labelled Signed-off-by: irbekrm <irbekrm@gmail.com>	2023-01-06 18:29:51 +00:00
Sathyanarayanan Saravanamuthu	f719247d2b	Addressing review comments Signed-off-by: Sathyanarayanan Saravanamuthu <sathyanarays@vmware.com>	2022-12-06 18:54:46 +05:30
Sathyanarayanan Saravanamuthu	94fa9eeee6	Addressing review comments Signed-off-by: Sathyanarayanan Saravanamuthu <sathyanarays@vmware.com>	2022-12-06 18:54:46 +05:30
Sathyanarayanan Saravanamuthu	42ae76ae30	Refreshing secrets when the keystore fields change Signed-off-by: Sathyanarayanan Saravanamuthu <sathyanarays@vmware.com>	2022-12-06 18:54:46 +05:30
Sathyanarayanan Saravanamuthu	2969202fe2	Addressing review comments Co-authored-by: Cody W Eilar <ecody@vmware.com> Signed-off-by: Cody W Eilar <ecody@vmware.com> Signed-off-by: Sathyanarayanan Saravanamuthu <sathyanarays@vmware.com>	2022-10-11 17:22:38 +05:30
Sathyanarayanan Saravanamuthu	40947b0ef4	Generate Certificate Request with predictable name Co-authored-by: Cody W Eilar <ecody@vmware.com> Signed-off-by: Cody W Eilar <ecody@vmware.com> Signed-off-by: Sathyanarayanan Saravanamuthu <sathyanarays@vmware.com>	2022-10-11 17:01:26 +05:30
Tim Ramlot	e917e4a103	log more information on why the get CertificateRequest request failed Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2022-10-05 18:53:53 +02:00
Tim Ramlot	39fa9f51b4	upgrade dependencies Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2022-09-26 11:43:12 +02:00

1 2 3 4 5 ...

527 Commits