weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
2,101 Commits 45 Branches 0 Tags 96 MiB
aeef7dc461
Commit Graph

260 Commits

Author SHA1 Message Date
jetstack-bot
5e3c1a813b
Merge pull request #1250 from munnerz/venafi 
add Venafi Cloud & TPP issuer type
 2019-03-01 19:42:38 +00:00
jetstack-bot
687dcd0db7
Merge pull request #1420 from munnerz/cainjector-apiserverca 
cainjector: support injecting apiserver ca
 2019-03-01 15:19:05 +00:00
James Munnelly
2f67c78f62 Address review feedback 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-03-01 14:37:11 +00:00
James Munnelly
c3f696fa1a Add support for Venafi API types to certificates controller 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-03-01 13:00:55 +00:00
James Munnelly
1618ebde43 Fix loading apiserver caBundle 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-02-28 19:34:40 +00:00
jetstack-bot
334477ec73
Merge pull request #1392 from munnerz/gen-tmp-selfsigned 
Generate temporary certificate to appease ingress-gce
 2019-02-28 19:20:03 +00:00
James Munnelly
b34adf88ff cainjector: support injecting apiserver ca 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-02-28 16:45:26 +00:00
Solly Ross
42248a91d7 CA Injector Controller 
This implements a CA injector controller using controller-runtime.
It looks at admission webhooks and APIServices with a particular
annotation, and injects the CA data from certificates.

Signed-off-by: Solly Ross <sollyross@google.com>
 2019-02-26 21:47:34 -08:00
James Munnelly
dfabece6eb Use a one-use CA to sign temporary certificates 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-02-25 20:48:13 +00:00
James Munnelly
cf2f9eac74 Generate a temporary certificate whilst waiting for Issuer to issue 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-02-25 17:48:22 +00:00
jetstack-bot
01903f06ba
Merge pull request #1384 from munnerz/unit-compare-reading 
Print unit test failures in action matchers as part of failure message
 2019-02-22 18:16:38 +00:00
James Munnelly
439499561c Remove dependence on k8s.io/ingress 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-02-22 12:34:52 +00:00
James Munnelly
2f30258f0e Switch to klog 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-02-22 12:34:02 +00:00
James Munnelly
381bed1fd8 Print unit test failures in action matchers as part of failure message 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-02-20 17:27:31 +00:00
James Munnelly
fe2fcd4e83 go fmt 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-02-19 15:00:39 +00:00
James Munnelly
14a1b5373f Update bazel files 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-02-19 11:36:07 +00:00
James Munnelly
1f48f3d1d4 gofmt 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-02-19 11:25:56 +00:00
James Munnelly
bbd73477cd Fixes after rebasing 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-02-19 11:25:56 +00:00
James Munnelly
324e8319b6 Add basic Certificate unit tests 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-02-19 11:25:55 +00:00
James Munnelly
cee0e28a05 Add initial unit test for certificate controller 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-02-19 11:25:55 +00:00
James Munnelly
0bde3dacba Create pkg/api/util and re-arrange controller instantiation code 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-02-19 11:25:54 +00:00
James Munnelly
3a19501e26 Add initial unit test framework for Certificates controller 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-02-19 11:22:36 +00:00
James Munnelly
804240da9d Switch Certificate controller to use Helper struct 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-02-19 11:22:36 +00:00
jetstack-bot
eafda2a31a
Merge pull request #1307 from munnerz/helper-everywhere 
Use Helper structure to call GetGenericIssuer everywhere
 2019-02-13 13:48:37 +00:00
jetstack-bot
1476aed737
Merge pull request #1293 from munnerz/test-builder-logger 
Plumb testing.T through to test Builder
 2019-02-13 13:48:26 +00:00
jetstack-bot
cb532cc3b8
Merge pull request #1325 from DanielMorsing/caaCheck 
Extend ACME self check to check CAA records
 2019-02-12 16:53:11 +00:00
Daniel Morsing
a01514ad63 use configured nameservers for CAA validation 
Signed-off-by: Daniel Morsing <dmo@jetstack.io>
 2019-02-11 12:05:18 +00:00
James Munnelly
1c4f160169 Use Helper structure to call GetGenericIssuer everywhere 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-02-07 22:35:17 +00:00
jetstack-bot
fd9567f1e4
Merge pull request #1318 from munnerz/crt-ctrl-use-lister 
Use secretLister in updateSecret
 2019-02-06 16:39:55 +00:00
James Munnelly
094ae3e50c Fix CLI flag not being respected 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-02-06 16:11:37 +00:00
James Munnelly
fac0a32c7e Fix bug causing certficates to be re-issued with misconfigured renewBefore/duration 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-02-06 15:43:59 +00:00
James Munnelly
e53312463d Use secretLister in updateSecret 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-02-05 17:56:16 +00:00
Daniel Morsing
bb853e5e79 first draft CAA checking 
Signed-off-by: Daniel Morsing <dmo@jetstack.io>
 2019-02-05 14:25:10 +00:00
jetstack-bot
22b0863801
Merge pull request #1128 from lrolaz/certificate-ip-sans 
Add IP Address in CSR
 2019-01-31 23:05:25 +00:00
James Munnelly
d055d370bb Plumb testing.T through to test Builder 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-01-31 20:20:20 +00:00
Laurent ROLAZ
ed82465df5 Refactoring 
Signed-off-by: Laurent Rolaz <laurent.rolaz@gmail.com>
 2019-01-30 13:04:28 +01:00
Laurent Rolaz
18daea16ae Remove duplicate IPAddressesToString 
Signed-off-by: Laurent Rolaz <laurent.rolaz@gmail.com>
 2019-01-25 18:50:16 +01:00
Laurent Rolaz
c5fa202239 Fix some GO Style 
Signed-off-by: Laurent Rolaz <laurent.rolaz@gmail.com> (+2 squashed commits)
Squashed commits:
[ce6cc2eb] Fix some GO Style

Signed-off-by: Laurent Rolaz <laurent.rolaz@gmail.com>
[563b7275] Fix some GO Style

Signed-off-by: Laurent Rolaz <laurent.rolaz@gmail.com>
 2019-01-25 18:50:16 +01:00
Laurent Rolaz
531c26061c GO Format 
Signed-off-by: Laurent Rolaz <laurent.rolaz@gmail.com>

Signed-off-by: Laurent Rolaz <laurent.rolaz@gmail.com>
 2019-01-25 18:38:12 +01:00
Laurent Rolaz
6dcc408741 Add IP Address in CSR 
Signed-off-by: Laurent Rolaz <laurent.rolaz@gmail.com>
 2019-01-25 18:38:12 +01:00
James Munnelly
948a2cf77c Add more OWNERS files with auto-labels 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-01-24 19:38:31 +00:00
jetstack-bot
e930bd3ca7
Merge pull request #1244 from DanielMorsing/self-check-errs 
Surface self-check errors in challenge resource
 2019-01-23 14:50:16 +00:00
Daniel Morsing
99c16b77dc fix other test 
Signed-off-by: Daniel Morsing <dmo@jetstack.io>
 2019-01-21 13:33:34 +00:00
Daniel Morsing
b0a9b8276c surface self-check errors in challenge resource 
Signed-off-by: Daniel Morsing <dmo@jetstack.io>
 2019-01-21 11:49:46 +00:00
jetstack-bot
438d0a6775
Merge pull request #1240 from munnerz/expired-orders-no-cert 
Update order status if state changes while retrieving an existing certificate
 2019-01-18 14:28:23 +00:00
James Munnelly
3d1183a169 Fix nil map panic when writing to an empty existing Secret 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-01-18 11:16:44 +00:00
James Munnelly
c91833f43a Update order status if state changes will retrieving an existing certificate 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-01-17 18:29:55 +00:00
Daniel Morsing
88d811b34c change Check function signature 
This makes the check function into a simple precondition

Signed-off-by: Daniel Morsing <dmo@jetstack.io>
 2019-01-17 16:45:03 +00:00
James Munnelly
e88e4f4406 If an Order is already valid, attempt to retrieve existing certificate 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-01-17 13:19:04 +00:00
jetstack-bot
5f96b378e6
Merge pull request #1184 from tlmiller/feature/authnss 
Control authoritative dns01 server check.
 2019-01-12 15:25:07 +00:00