weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
1,826 Commits 45 Branches 0 Tags 96 MiB
948a2cf77c
Commit Graph

42 Commits

Author SHA1 Message Date
James Munnelly
425f9c757a Clear issuer account URL if the directory and account URL's hosts differ 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-01-17 14:36:33 +00:00
James Munnelly
0fcc0c666c Update copyright header year 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-01-07 15:07:55 +00:00
James Munnelly
f8fe9ef21f Remove requeue option and fix small race in controllers 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2018-11-29 12:23:21 +00:00
James Munnelly
6006ad6f50 Mark issuer as invalid when parsing URLs fails 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2018-11-13 16:14:13 +00:00
James Munnelly
b9947e3247 Skip re-checking ACME account status if Issuer is ready and URL hosts match 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2018-11-13 15:52:15 +00:00
James Munnelly
94e01bb9f1 Refactor ACME account generation 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2018-10-24 12:41:37 +01:00
James Munnelly
84978d88d8 Add extra comments to acme and pki package 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2018-10-13 21:05:18 +01:00
James Munnelly
847d0c6152 Refactor controllers to return Response structures 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2018-10-12 12:40:38 +01:00
James Munnelly
f8b1e653f3 Refactor ACME Issuer to create and manage Order resources 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2018-10-12 12:40:37 +01:00
James Munnelly
51195e4c5f Update license header and add header to every file 
Signed-off-by: James Munnelly <james.munnelly@jetstack.io>
 2018-08-13 15:53:37 +01:00
James Munnelly
3781c2d1be Update references to resourceNamespace 2018-08-07 16:13:46 +01:00
James Munnelly
2fcbee05b7 Update ACME issuer 2018-08-07 16:13:46 +01:00
James Munnelly
36f9f356cd Refactor ACME client construction into dedicated ACME package 2018-08-07 15:22:53 +01:00
Afolabi Badmos
445e522432 Add support for EC keys 
- This PR adds two fields to CertificateSpec:
  - `keyAlgorithm`, denotes which algorithm to use when generating
    a private key. Can be either `rsa` or `ecdsa`. When not set, the
    default algorithm used `rsa`.
  - `keySize`, denotes the key size of the private key being generated.
    For `rsa`, minimum key size is 2048 and maximum is 8192.
    For `ecdsa`, sizes 224, 256, 384 & 521 are supported.
    See https://golang.org/pkg/crypto/elliptic

- `keySize` can be set without being explicit about `keyAlgorithm`.
  - If `keySize` is specified and `keyAlgorithm` is not provided, `rsa` will
    be used as the key algorithm.

- `keyAlgorithm` can be set without being explicit about `keySize`.
  - If `keyAlgorithm` is specified and `keySize` is not provided, key size
    key size of `256` will be used for `ecdsa` key algorithm and
    key size of `2048` will be used for `rsa` key algorithm.

- helper functions in `pki` package now return crypto.PrivateKey
 2018-07-17 12:42:07 -04:00
James Munnelly
3fc74f7f86 Set Issuer ready condition to false if ACMEv1 endpoints are used 2018-05-09 14:17:20 +01:00
James Munnelly
8d48e75d6e Use GetAccount to check if acme account is already registered 2018-03-23 18:50:46 +00:00
James Munnelly
0a0747dac7 Move OrderURL into OrderStatus struct and fix up http solver 2018-03-23 18:50:45 +00:00
James Munnelly
eccc3d5a8e Change log level of useful messages 2018-03-23 18:50:45 +00:00
James Munnelly
d0d30a0fc2 Disable check for acme account being valid 2018-03-23 18:50:45 +00:00
James Munnelly
e25f832033 Replace calls to acme.GetAccount with acme.CreateAccount 2018-03-23 18:50:45 +00:00
James Munnelly
8de002a697 Never overwrite an acme private key 2018-03-23 18:50:45 +00:00
James Munnelly
058387cd44 Fix bug causing skipTLSVerify to be ignore during acme registration 2018-03-23 18:50:45 +00:00
James Munnelly
599fa90f57 Agree to terms of service when registering acme account 2018-03-23 18:50:45 +00:00
James Munnelly
7dc50cdea6 Rewrite acme issuer for acme v2 2018-03-23 18:50:44 +00:00
James Munnelly
ea1dc8f58f Fix panic when ACME server returns a genuine error 2018-01-10 11:46:23 +00:00
James Munnelly
fa7e052ac1 Move to github.com/jetstack/cert-manager repo 2017-11-03 16:41:39 +00:00
James Munnelly
eb4be6859e Update controllers and issuers for new SharedInformerFactory 2017-11-03 15:26:19 +00:00
James Munnelly
df47b56a52 Allow rediscovering lost/not set ACME account URIs 2017-10-27 16:09:30 +01:00
James Munnelly
dc22822394 Fix panic in ACME issuer setup 2017-10-26 21:21:48 +01:00
James Munnelly
59e2af767a Perform Issuer/ClusterIssuer status updates in controller 2017-10-16 12:59:46 +01:00
James Munnelly
a2d9733f21 Update implementation for new field names/types 2017-10-13 11:43:52 +01:00
James Munnelly
852e250a69 Add clusterissuer controller 2017-09-22 00:10:42 +01:00
James Munnelly
7c425ee86f Switch issuer implementations to use GenericIssuer 2017-09-21 23:27:41 +01:00
James Munnelly
c4980baaca Use context throughout issuer implementation 2017-09-21 20:45:43 +01:00
James Munnelly
98daf0b1ba Add events for ACME prepare method 2017-09-11 02:02:00 +01:00
James Munnelly
d0e02d3d4e Make UpdateStatusCondition work on a *Issuer 2017-09-10 23:07:06 +01:00
James Munnelly
89588bb281 Split GetKeyPair method into two methods 2017-09-10 22:54:55 +01:00
James Munnelly
2e551f58b5 Update ACME implementation for new structure. Add util/pki. 2017-09-10 21:13:37 +01:00
James Munnelly
f66855bd03 Add event recording. Split out cmd entrypoint. 2017-09-09 18:27:35 +01:00
James Munnelly
a958f4462d Switch to using Conditions for Issuer status 2017-09-08 22:22:00 +01:00
James Munnelly
00389b6da3 Refactor Issuer interface to allow returning updated Status 2017-09-08 21:41:15 +01:00
James Munnelly
3fb49ad049 Refactor control loops to be more akin to kube-controller-manager 2017-08-05 00:35:54 +01:00