weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
8,452 Commits 45 Branches 0 Tags 96 MiB
a8bb63f0fc
Commit Graph

142 Commits

Author SHA1 Message Date
jetstack-bot
a1c134e78c
Merge pull request #6574 from ThatsMrTalbot/tls-metrics-endpoint 
feat: add tls to metrics endpoint
 2024-01-10 14:48:17 +00:00
Adam Talbot
d27fcc2762 refactor: refactored metrics server code into internal package 
Signed-off-by: Adam Talbot <adam.talbot@venafi.com>
 2024-01-04 15:49:25 +00:00
Richard Wall
036e3a8e74 Replace all uses of sets.String with the generic sets.Set 
Signed-off-by: Richard Wall <richard.wall@venafi.com>
 2024-01-02 17:24:38 +00:00
Adam Talbot
ae143c15f6 feat: add tls to metrics endpoint 
Signed-off-by: Adam Talbot <adam.talbot@venafi.com>
 2023-12-27 17:15:00 +00:00
Tim Ramlot
f1b895247e
simplify configfile loading logic 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-08-17 13:12:33 +02:00
Tim Ramlot
f50167ce31
restructure the controller configfile 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-08-10 11:30:33 +02:00
Cody W. Eilar
282a6d58a9 Preserve internal types 
- Needed to add custom conversion functions to handle conversions from
  public facing types to internal ones.

Signed-off-by: Cody W. Eilar <ecody@vmware.com>
 2023-07-27 16:44:38 -07:00
Cody W. Eilar
6212b63e51 Address the non-optional values in internal config 
- This  commit changes the internal config to have fewer number of
  optional parameters.  It changes the types to match the ones that are
  already present in https://github.com/kubernetes/apimachinery/blob/master/pkg/apis/meta/v1/conversion.go
  so that custom converters do not have to be written for types "int"
  and "float32".

Signed-off-by: Cody W. Eilar <ecody@vmware.com>
 2023-07-27 16:44:38 -07:00
Cody W. Eilar
1243fe285b Add to ability to start controller with config file 
Signed-off-by: Cody W. Eilar <ecody@vmware.com>
 2023-07-27 16:44:38 -07:00
Florian Liebhart
b6dbee68d4 update code comment on the recursive nameserver flag 
Signed-off-by: Florian Liebhart <flo.liebhart@gmail.com>
 2023-06-20 17:25:48 +02:00
Florian Liebhart
601c06c9c9 add newline 
Signed-off-by: Florian Liebhart <flo.liebhart@gmail.com>
 2023-06-20 16:39:49 +02:00
Florian Liebhart
876c39b4c9 reorganize import 
Signed-off-by: Florian Liebhart <flo.liebhart@gmail.com>
 2023-06-20 16:38:23 +02:00
Florian Liebhart
9ef3edcd95 update doku on flags 
Signed-off-by: Florian Liebhart <flo.liebhart@gmail.com>
 2023-06-20 15:42:28 +02:00
Florian Liebhart
8c5181c667 remove trailing comma 
Signed-off-by: Florian Liebhart <flo.liebhart@gmail.com>
 2023-06-20 10:25:03 +02:00
Florian Liebhart
91df28e4f5 update flag documentation 
Signed-off-by: Florian Liebhart <flo.liebhart@gmail.com>
 2023-06-20 10:18:24 +02:00
Florian Liebhart
717cccb586 add tests for DoH; include some flag documentation 
Signed-off-by: Florian Liebhart <flo.liebhart@gmail.com>
 2023-06-20 10:16:51 +02:00
Florian Liebhart
9ddf2bab90 remove HTTPS endpoint for default nameservers; remove DNS-over-TLS 
Signed-off-by: Florian Liebhart <flo.liebhart@gmail.com>
 2023-06-19 16:06:39 +02:00
Tim Ramlot
3a29635c66
add support for DoH and DoT 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-06-19 15:59:40 +02:00
Florian Liebhart
153c0b5fbf remove bazel 
Signed-off-by: Florian Liebhart <flo.liebhart@gmail.com>
 2023-06-19 15:32:01 +02:00
Florian Liebhart
894e1f99d6 fix error for dns endpoint propagation 
Signed-off-by: Florian Liebhart <flo.liebhart@gmail.com>
 2023-06-19 15:32:01 +02:00
Florian Liebhart
cd821e1948 fix controller options description 
Signed-off-by: Florian Liebhart <flo.liebhart@gmail.com>
 2023-06-19 15:32:01 +02:00
Florian Liebhart
a934bbf462 Make the DNS-Over-HTTPS Json endpoint configurable 
Signed-off-by: Florian Liebhart <flo.liebhart@gmail.com>
 2023-06-19 15:32:01 +02:00
Florian Liebhart
14c5e7724d delete bazel stuff 
Signed-off-by: Florian Liebhart <flo.liebhart@gmail.com>
 2023-06-19 15:32:01 +02:00
Florian Liebhart
fa2f063c28 rebase master 
Signed-off-by: Florian Liebhart <flo.liebhart@gmail.com>
 2023-06-19 15:32:01 +02:00
Tim Ramlot
5091a3bff4
use same logging flags for every cli and simplify flag logic 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-05-05 18:08:29 +02:00
Michael Malov
99e23d5e93
Add support for json logging format 
Signed-off-by: Michael Malov <14035243+malovme@users.noreply.github.com>
 2023-05-05 18:01:16 +02:00
Richard Wall
901538c24e Hide the new healthz server flags 
We are unsure about the implementation of the healthz server as a separate HTTP
server. and we may need to change it in a future release, so we want to avoid
users overriding these flags, for now.

Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2023-05-04 11:22:21 +01:00
Richard Wall
b92482e041 Use a named port 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2023-04-26 13:04:52 +01:00
Richard Wall
1fd11906c0 Listen on all interfaces 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2023-04-26 12:45:58 +01:00
Richard Wall
4d182e9c7b Add /livez endpoint which reports the leaderElection status 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2023-04-26 07:53:26 +01:00
Tim Ramlot
1c23f408a7
add NumberOfConcurrentWorkers flag 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-04-11 14:03:59 +02:00
Tim Ramlot
f36c06f10d
move cmd/util/ to internal/cmd/util/, since it is also imported by packages outside of cmd/ 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-02-28 12:38:59 +01:00
Corey McGalliard
7e6e0940a2 updating to match feedback and adjust the RunAsNonRoot options for http01 solver to be more descriptive 
Signed-off-by: Corey McGalliard <cmcgalliard@redventures.com>
 2022-11-16 11:20:36 -05:00
irbekrm
584147df37 Document that pod template spec should be used instead of flags 
For configuring ACME HTTP-01 solver pod

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2022-08-09 15:26:10 +01:00
Ashley Davis
fb231ab641
Remove bazel 🎉 
This removes all .bazel and .bzl files, and a bunch of scripts relating
to bazel, now that it's been entirely replaced.

There are still a few places where traces could be removed, but this
removes the brunt of the bazel stuff that remains.

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-07-26 11:38:50 +01:00
irbekrm
75b205021d Corrects the --dns01-check-retry-period flag description 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2022-06-09 12:09:39 +01:00
Jake Sanders
f225637e20
Relax the validation on the default Issuer Kind for certificate-shim 
Signed-off-by: Jake Sanders <i@am.so-aweso.me>
 2022-02-08 13:50:13 +00:00
Ashley Davis
3a055cc2f5
rename all uses of github.com/jetstack/cert-manager 
This was done by running the following command twice:

 ```bash
 grep -Ri "github.com/jetstack/cert-manager" . | \
 cut -d":" -f1 | \
 sort | \
 uniq | \
 xargs sed -i
 "s/github.com\/jetstack\/cert-manager/github.com\/cert-manager\/cert-manager/"
 ```

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-02-02 09:08:31 +00:00
jetstack-bot
fa321b6a4b
Merge pull request #4287 from linka-cloud/acme-http-challenge-cutomer-dns 
Acme http challenge custom dns
 2022-01-11 11:24:03 +00:00
James Munnelly
9c04a04c7c Move feature package into internal/controller 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-07 12:17:36 +00:00
Adphi
3375fa0609
http01: add custom nameservers support (#4286) 
Signed-off-by: Adphi <philippe.adrien.nousse@gmail.com>
 2022-01-06 21:02:46 +01:00
jetstack-bot
f61d534975
Merge pull request #4550 from irbekrm/pprof 
Pprof
 2021-10-26 11:20:40 +01:00
irbekrm
7b6eeff457 Profiler address for controller can now be configured 
Ensures that pprof is configured for controller in the same way as for cainjector

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-10-26 12:20:42 +03:00
irbekrm
4d4a383cb7 Removes deprecated dns01-self-check-nameservers flag 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-10-25 08:43:08 +03:00
Johan Fleury
ef32714434
Make leader election defaults consistent 
Signed-off-by: Johan Fleury <jfleury@arcaik.net>
 2021-08-13 12:14:40 -04:00
Jake Sanders
36aa9e2501
The gateway-api support is now gated behind --feature-gate=ExperimentalGatewayAPISupport=true 
Signed-off-by: Jake Sanders <i@am.so-aweso.me>
 2021-08-05 14:37:54 +01:00
irbekrm
2ddf6fe637 Allows for annotations passed from CSR to Order to be filtered 
Using the value from copied-annotation-prefixes flag, where by default kubectl, fluxcd, argocd annotations are excluded

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-07-27 10:55:09 +01:00
Irbe Krumina
3834a8fc0a Code review feedback 
Co-authored-by: Josh Van Leeuwen <joshua.vanleeuwen@jetstack.io>
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-07-26 20:00:37 +01:00
irbekrm
ddf7e130b7 Allow users to specify which annotations should be copied from Certificate to CertificateRequest 
Default to all being copied except for kubectl, fluxcd, argocd annotations

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-07-26 20:00:10 +01:00
joshvanl
b041a8fb3d Wires up ACME CSR controller 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-07-23 16:00:09 +01:00