cert-manager

Author	SHA1	Message	Date
Tim Ramlot	9dcb422164	use errors.Is() Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-03-11 19:33:01 +01:00
Tim Ramlot	f4ae942b8e	add test that validates leaderelection behavior Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-03-11 19:22:38 +01:00
Tim Ramlot	b32382fead	improve the dynamic source implementation and add a lot of unit tests Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-03-11 15:10:39 +01:00
Tim Ramlot	23373e4323	correctly initialize loggers, create contexts and pass contexts Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-03-08 14:32:31 +01:00
Bill Waldrep	d4911ebfaa	Add optional flag to specify jks keystore alias. Previously the JKS keystore alias was hardcoded to "certificate". This change adds an optional configuration point to allow users to specify a custom keystore alias. If the flag is omitted we will default to the previous behavior. Signed-off-by: Bill Waldrep <bwaldrep@palantir.com>	2024-03-04 13:23:09 -05:00
Bill Waldrep	bf3d202c72	add new utility method to clarify cert decoding semantics Signed-off-by: Bill Waldrep <bwaldrep@palantir.com>	2024-03-04 12:47:27 -05:00
Bill Waldrep	251610d951	include full CA chain contents in encoded pkcs12/jks stores Signed-off-by: Bill Waldrep <bwaldrep@palantir.com>	2024-02-28 11:50:19 -05:00
Tim Ramlot	6c6d18d0b8	remove the github.com/pkg/errors as a direct dependency Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-02-22 19:52:00 +01:00
jetstack-bot	59676d2c63	Merge pull request #6785 from arcezd/fix-cert-manager-docs fix: SecretName description for DynamicServingConfig	2024-02-22 14:46:44 +00:00
jetstack-bot	b65ccfa1b5	Merge pull request #6761 from inteon/add_custom_dn_parse Stop using github.com/go-ldap/ldap/v3 ParseDN and use a custom ParseDN function instead	2024-02-22 12:40:43 +00:00
Diego Arce	83e0f95e58	fix: SecretName description for DynamicServingConfig Signed-off-by: Diego Arce <diego@arce.cr>	2024-02-21 23:12:43 -06:00
Tim Ramlot	8fd62df268	fix broken json logging Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-02-21 11:27:31 +01:00
jetstack-bot	f643eef2b2	Merge pull request #6755 from import-shiburin/master bugfix: wrong certificate chain is used if preferredChain is configured	2024-02-20 15:29:07 +00:00
Tim Ramlot	b77910d785	change signature of SetCertificateDuration and SetCertificateRenewBefore Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-02-20 08:40:38 +01:00
Tim Ramlot	ed280d28cd	update test, with new error message Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-02-20 08:34:53 +01:00
Tim Ramlot	99942446ff	add benchmark Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-02-20 08:34:53 +01:00
Tim Ramlot	0f078859de	add error case to DNParse tests Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-02-20 08:34:53 +01:00
Tim Ramlot	a2b3cc81c3	stop using github.com/go-ldap/ldap/v3 ParseDN and use a custom ParseDN function instead Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-02-20 08:34:53 +01:00
jetstack-bot	d642df3b5f	Merge pull request #6770 from inteon/dn_parse_quick_fix Fix a memory bug in ldap's ParseDN function by disabling part of the functionality	2024-02-19 15:02:30 +00:00
Tim Ramlot	4a8b8c4e09	Fix a memory bug in ldap's ParseDN function by disabling part of the functionality Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-02-19 12:55:06 +01:00
Yuedong Wu	baa73aa8ee	fix webhook validation error msg and use commonName variable value Signed-off-by: Yuedong Wu <dwcn22@outlook.com>	2024-02-19 10:16:38 +08:00
Tim Ramlot	0ed660873e	fix incorrect comments and error messages Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-02-16 19:49:28 +01:00
jetstack-bot	7f92e38988	Merge pull request #6614 from rodrigorfk/feat-vault-mtls feat: Add the ability to communicate with Vault via mTLS	2024-02-16 18:11:26 +00:00
Tim Ramlot	205067b834	update tests to match the current Let's encrypt setup Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-02-16 15:23:45 +01:00
Tim Ramlot	672aad41bf	don't call ListCertAlternates if default chain matches the preferred chain Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-02-16 15:23:22 +01:00
Sam Lee	ff5c4103a0	remove URL verification from alternateCertChain tests Signed-off-by: Sam Lee <me@shibuya-rin.moe>	2024-02-13 22:42:00 +09:00
Sam Lee	94509d0490	changed term 'alt' to 'preferred' Signed-off-by: Sam Lee <me@shibuya-rin.moe>	2024-02-13 22:12:53 +09:00
Sam Lee	b9ac41726c	make getAltCertChain checks only topmost certificate Signed-off-by: Sam Lee <me@shibuya-rin.moe>	2024-02-13 19:10:16 +09:00
Sam Lee	811cc7908e	fix getAltCertChain not considering primary chain as candidate Signed-off-by: Sam Lee <me@shibuya-rin.moe>	2024-02-13 19:10:16 +09:00
Tim Ramlot	23ab96de91	use unstructured.Unstructured in Mutation webhook Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-02-12 11:11:33 +01:00
Tim Ramlot	b9a216cdfc	Simplify webhook and switch Webhook to controller-runtime. Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-02-12 10:55:32 +01:00
Tim Ramlot	ffb47e52fa	remove dead & deprecated code from cert-manager codebase Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-02-10 17:22:23 +01:00
jetstack-bot	c4c0fd3268	Merge pull request #6744 from andrey-dubnik/master Move token audiences under the SA ref for the Vault kubernetes auth	2024-02-09 11:58:18 +00:00
Tim Ramlot	c3b8cbd608	improve comment that explains what removeReqID does and when it fails Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-02-08 17:20:36 +01:00
Tim Ramlot	06b3cd3372	add testcase for nested errors Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-02-08 17:15:28 +01:00
Tim Ramlot	deab9548c0	use errors.Is instead of errors.As Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-02-08 17:15:28 +01:00
Tim Ramlot	893d30d938	migrate to github.com/aws/aws-sdk-go-v2 Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-02-08 17:15:28 +01:00
cloudwiz	75d1449903	move audiences under the SA ref Signed-off-by: cloudwiz <andrey.dubnik@maersk.com>	2024-02-08 14:07:03 +00:00
Tim Ramlot	04220447bc	remove deprecated files and functions Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-02-08 10:45:06 +01:00
jetstack-bot	968ad2f9ed	Merge pull request #6724 from inteon/fix_sans_critical Fix changed behavior: set critical flag of SANs extension based on subject	2024-02-07 13:55:30 +00:00
Adam Talbot	a8bb63f0fc	fix: move server package out of internal Currently the TLS code here is imported by the approver-policy project. Long term we should break this code out to a new package, for now we can just move it out internal to unblock our ability to update the approver-policy imports. Signed-off-by: Adam Talbot <adam.talbot@venafi.com>	2024-02-07 11:31:17 +00:00
Tim Ramlot	0acde5b1a4	fix changed behavior: set critical flag of SANs extension based on subject Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-02-07 11:01:34 +01:00
cloudwiz	624f874d69	updated spelling and generated CRDs Signed-off-by: cloudwiz <andrey.dubnik@maersk.com>	2024-02-06 15:06:31 +00:00
cloudwiz	9cf9cb7ea5	Vault extra audiences (#3 ) --------- Signed-off-by: cloudwiz <andrey.dubnik@maersk.com>	2024-02-06 10:06:17 +00:00
Tim Ramlot	899d55ae57	remove webhook conversion logic Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-02-02 11:19:08 +01:00
Tim Ramlot	5b8c1213b6	redact the body of failed authentication requests Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-01-31 10:05:00 +01:00
jetstack-bot	0b33337f1d	Merge pull request #6679 from wallrj/remove-DisableInstanceDiscovery-field Remove unnecessary Azure workload identity setting: DisableInstanceDiscovery: true	2024-01-30 19:45:27 +00:00
Richard Wall	67e06fce78	A hack to DisableInstanceDiscovery during tests Signed-off-by: Richard Wall <richard.wall@venafi.com>	2024-01-30 18:03:05 +00:00
Tim Ramlot	b9dd4903ad	improve error message logging Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-01-30 16:55:37 +01:00
Richard Wall	420d3114df	Remove unnecessary Azure workload identity setting: DisableInstanceDiscovery: true Signed-off-by: Richard Wall <richard.wall@venafi.com>	2024-01-30 15:50:05 +00:00

1 2 3 4 5 ...

3374 Commits