weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
1,769 Commits 45 Branches 0 Tags 96 MiB
b0a9b8276c
Commit Graph

155 Commits

Author SHA1 Message Date
James Munnelly
8d3d095a29 Add 'isCA' field to Certificate spec 
Signed-off-by: James Munnelly <james.munnelly@jetstack.io>
 2018-08-14 10:32:48 +01:00
Max Ehrlich
b1eadabf42
Change wording from "accounts" to "account" 
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
 2018-08-13 13:32:14 -04:00
Max Ehrlich
0209938c94
Add validation logic 
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
 2018-08-13 13:32:13 -04:00
Max Ehrlich
f369d691fe
Keeping names consistent again 
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
 2018-08-13 13:31:42 -04:00
Max Ehrlich
5695b867f6
Keep naming consistent 
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
 2018-08-13 13:30:34 -04:00
Max Ehrlich
f7a42fb9fd
Add acme-dns issuer config to the issuer definition and update docs 
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
 2018-08-13 13:30:33 -04:00
Max Ehrlich
8251d96c21
Add acme-dns issuer to provider configuration 
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
 2018-08-13 13:30:33 -04:00
James Munnelly
51195e4c5f Update license header and add header to every file 
Signed-off-by: James Munnelly <james.munnelly@jetstack.io>
 2018-08-13 15:53:37 +01:00
James Munnelly
61a27d3b6c Update validation to use consts moved into pkg/controller 2018-08-07 16:13:46 +01:00
James Munnelly
7346240830 Update codebase for refactored API type names 2018-08-07 14:16:53 +01:00
James Munnelly
3e95b9410c Update generated files 2018-08-07 14:16:49 +01:00
James Munnelly
f46f99a1cb Rename API types (keeping API surface identical) 2018-08-07 14:08:31 +01:00
James Munnelly
29eb04adfe Move API types into separate files 2018-08-07 11:48:38 +01:00
James Munnelly
fcf812c654 Add OWNERS files to auto-label PRs. Mark apis directory as requiring a review by @munnerz. 2018-07-26 13:01:58 +01:00
Louis Taylor
791488e2ed
Better test coverage 2018-07-26 10:50:28 +01:00
Louis Taylor
474c8ed27f
Add extra testcase 2018-07-25 17:41:05 +01:00
Louis Taylor
db5383051e
Remove duplicated check 2018-07-25 15:55:19 +01:00
Louis Taylor
aa60a41591
Add tests 2018-07-25 15:44:25 +01:00
Louis Taylor
cdae8cbce8
Add base issuer validation 2018-07-25 15:44:06 +01:00
jetstack-bot
6348c6ffca
Merge pull request #722 from autonomic-ai/support-ec-keys 
Add keyAlgorithm and keySize fields to Certificates, and support ECDSA keys
 2018-07-18 10:00:36 +01:00
Afolabi Badmos
445e522432 Add support for EC keys 
- This PR adds two fields to CertificateSpec:
  - `keyAlgorithm`, denotes which algorithm to use when generating
    a private key. Can be either `rsa` or `ecdsa`. When not set, the
    default algorithm used `rsa`.
  - `keySize`, denotes the key size of the private key being generated.
    For `rsa`, minimum key size is 2048 and maximum is 8192.
    For `ecdsa`, sizes 224, 256, 384 & 521 are supported.
    See https://golang.org/pkg/crypto/elliptic

- `keySize` can be set without being explicit about `keyAlgorithm`.
  - If `keySize` is specified and `keyAlgorithm` is not provided, `rsa` will
    be used as the key algorithm.

- `keyAlgorithm` can be set without being explicit about `keySize`.
  - If `keyAlgorithm` is specified and `keySize` is not provided, key size
    key size of `256` will be used for `ecdsa` key algorithm and
    key size of `2048` will be used for `rsa` key algorithm.

- helper functions in `pki` package now return crypto.PrivateKey
 2018-07-17 12:42:07 -04:00
Vincent Desjardins
7fae0fccf1 code review fixes 2018-07-11 16:00:39 +00:00
Vincent Desjardins
ca3b909cb7 code review modifications 2018-07-11 16:00:39 +00:00
Vincent Desjardins
2995cc90a3 Vault: configurable appRole authentication path 2018-07-11 16:00:39 +00:00
Louis Taylor
d60f4b447e
Apply cert name label to created secrets 2018-07-06 18:02:13 +01:00
jetstack-bot
c48a38ae17
Merge pull request #644 from munnerz/ref-docs 
Add script for generating reference docs
 2018-07-05 15:12:41 +01:00
James Munnelly
2014183a57 Add script for generating reference docs 2018-07-05 14:47:32 +01:00
James Munnelly
d61838d901 Prevent panics in v1alpha1 helpers.go 2018-07-05 11:43:19 +01:00
James Munnelly
c55e7661b2 Add unit tests for resource validation 2018-06-26 14:59:48 +01:00
James Munnelly
951b72bba0 Add basic resource validation at start of sync loops 2018-06-26 14:59:48 +01:00
James Munnelly
0c05e15024 Run hack/update-codegen.sh 2018-06-08 15:48:30 +01:00
James Munnelly
6cfdc62f6b Add self signed Issuer type 2018-06-08 15:48:30 +01:00
Krzysztof Nazarewski
dfe0a5ebd4
typo fix 2018-05-10 12:49:48 +02:00
Vincent Desjardins
b256e02a98 rename fields in Vault appRole credentials 2018-05-03 03:30:43 +00:00
Vincent Desjardins
b35343786e Vault issuer support 
vault remove duration
 2018-05-02 00:45:55 +00:00
James Munnelly
d573e30878 Only perform one validation per identifier for a single order at a time 2018-04-25 19:02:15 +01:00
James Munnelly
70dde521a1 Set status conditions on validation success. Call WaitOrder instead of GetOrder in issue. 2018-04-11 23:30:54 +01:00
James Munnelly
9aa3bb52a3 Fix invalid json tags 2018-04-09 19:44:16 +01:00
James Munnelly
6f974ee5ad Run hack/update-codegen.sh 2018-04-09 17:17:01 +01:00
James Munnelly
b934852775 Merge branch 'master' into acmev2 2018-04-09 16:52:34 +01:00
James Munnelly
4b361348ef Rewrite ACME issuer to use new ACMEOrderChallenge struct 2018-04-09 15:40:32 +01:00
James Munnelly
d3706ae33c Add ACMEOrderChallenge struct 2018-04-09 15:39:43 +01:00
jetstack-bot
7f04c1cd6e
Merge pull request #388 from kragniz/secret-annotations 
Annotate created secrets with cert information
 2018-04-06 10:44:28 +01:00
James Munnelly
da0d45e3f4 Use DialContext in ACMEClient round tripper 2018-04-04 12:30:33 +01:00
James Munnelly
c9dfd408b7 Run gofmt 2018-03-23 18:50:45 +00:00
James Munnelly
0a0747dac7 Move OrderURL into OrderStatus struct and fix up http solver 2018-03-23 18:50:45 +00:00
James Munnelly
7a44cb3e0e Make HTTP challenge solver async 2018-03-23 18:50:45 +00:00
James Munnelly
23f694cf0d Add skipTLSVerify field to ACME issuer spec 2018-03-23 18:50:45 +00:00
James Munnelly
0de2866e33 Add OrderURL api field 2018-03-23 18:50:44 +00:00
Louis Taylor
1669611908
Use defaulting functions 
And also move annotation keys to v1alpha1
 2018-03-12 21:06:23 +00:00
Tom Wieczorek
f681f5a6b1
Add ACME DNS-01 provider for Akamai FastDNS 2018-02-22 09:50:11 +01:00
jetstack-ci-bot
b18acf1d7e
Merge pull request #246 from mwieczorek/azure-dns 
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Added Azure DNS support for DNS01 challange 

**What this PR does / why we need it**:
Adds another provider (Azure DNS) for DNS01 challange

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #230 

**Special notes for your reviewer**:

**Release note**:

```release-note
ACME DNS-01 challenge mechanism for Azure DNS
```
 2018-02-21 13:20:30 +00:00
mwieczorek
cc89fe59aa Added Azure DNS support for DNS01 challange 2018-02-13 10:34:06 +01:00
James Munnelly
296f6e334c
Remove unused file 2018-01-24 17:17:41 +00:00
James Munnelly
9c5b7bb1a7 Run hack/update-codegen.sh 2018-01-15 22:07:51 +00:00
James Munnelly
0ed9e8341f Update dates in generated license headers 2018-01-08 20:50:32 +00:00
James Munnelly
fa7e052ac1 Move to github.com/jetstack/cert-manager repo 2017-11-03 16:41:39 +00:00
James Munnelly
2a2ad4160c Regenerate files 2017-11-03 14:48:40 +00:00
James Munnelly
026d107e3a Remove old ImportPrefix field 2017-11-03 12:08:03 +00:00
James Munnelly
22ed25955d Merge pull request #119 from jetstack-experimental/auth-per-acc 
Check authorizations account URI before attempting to reuse authorization
 2017-10-13 17:10:17 +01:00
James Munnelly
a9eb7ee8a7 Check authorizations account URI before attempting to reuse authorization 2017-10-13 16:56:05 +01:00
James Munnelly
7060fb5019 http-01 -> http01, dns-01 -> dns01 2017-10-13 16:45:04 +01:00
James Munnelly
c7a83606ce Merge pull request #115 from jetstack-experimental/explicity-challenge-mech 
Add HTTP01 field to issuer.spec. Default HTTP01 challenges to disabled.
 2017-10-13 15:37:39 +01:00
James Munnelly
79c775e389 Add HTTP01 field to issuer.spec. Default HTTP01 challenges to disabled. 2017-10-13 14:54:26 +01:00
James Munnelly
bd9c202cbb regenerate files 2017-10-13 13:37:56 +01:00
James Munnelly
a3fc5d9eaa Rename altNames to dnsNames 2017-10-13 13:31:52 +01:00
James Munnelly
ae1173dcec Regenerate files 2017-10-13 12:50:07 +01:00
James Munnelly
f8107e6fcc Use CommonName and AltNames fields on Certificate resource 2017-10-13 12:50:07 +01:00
James Munnelly
2d0e81fc95 Regenerate files 2017-10-13 11:56:33 +01:00
James Munnelly
6ae8fbbbb2 Standardise SecretKeySelector field naming 2017-10-13 11:23:20 +01:00
James Munnelly
7b30b80dc5 Update ClusterIssuer to use 'kind' field instead of 'namespace' 2017-10-12 20:06:29 +01:00
James Munnelly
dc608f709d Support Certificates referencing ClusterIssuers 2017-09-22 01:46:05 +01:00
James Munnelly
e7ebb10402 Add ClusterIssuer helpers. Add GenericIssuer interface. 2017-09-21 23:19:29 +01:00
James Munnelly
dd63a09fa9 regenerate files 2017-09-21 23:18:58 +01:00
James Munnelly
1c7a70134a Add ClusterIssuer types 2017-09-21 23:18:40 +01:00
James Munnelly
28570b508f Merge pull request #98 from jetstack-experimental/typo 
Fix typo acme->authorizations
 2017-09-21 19:56:45 +01:00
James Munnelly
be7ea0da7e Fix typo acme->authorizations 2017-09-19 16:43:44 +01:00
James Munnelly
20e8996245 Remove duplicate helper methods 2017-09-11 10:48:53 +01:00
James Munnelly
977573db9d Put UpdateStatus on *Issuer and *Certificate 2017-09-11 10:47:59 +01:00
James Munnelly
c2cbbe0145 Add CA field to Issuer 2017-09-11 10:47:58 +01:00
James Munnelly
98daf0b1ba Add events for ACME prepare method 2017-09-11 02:02:00 +01:00
James Munnelly
e02fbd405a Regenerate files 2017-09-11 01:31:00 +01:00
James Munnelly
c3fc810a5e Add CertificateStatusCondition types 2017-09-11 01:30:51 +01:00
James Munnelly
d0e02d3d4e Make UpdateStatusCondition work on a *Issuer 2017-09-10 23:07:06 +01:00
James Munnelly
329ffab15a Make Certificate loop use Issuer conditions 2017-09-08 22:37:48 +01:00
James Munnelly
4aca4c1fa7 Regenerate files 2017-09-08 22:21:43 +01:00
James Munnelly
486c0478c0 Add Conditions types. Move helpers into helpers.go 2017-09-08 22:21:09 +01:00
James Munnelly
d5394b5096 Verify default and deepcopy code. Remove internal listers. 2017-08-22 12:22:58 +01:00
James Munnelly
39ea0a3064 Upgrade to use latest code-generators. Remove internal API version. 2017-08-22 12:12:46 +01:00
Christian Simon
0457c4a401 Update generated code for route53 2017-08-09 12:18:01 +01:00
Christian Simon
301edc7812 Implement provider route 53 2017-08-09 12:17:56 +01:00
James Munnelly
5be9dbdd9e Enable golang tests 2017-08-08 11:34:48 +01:00
James Munnelly
d07bef4688 Update generated files 2017-08-07 18:28:52 +01:00
James Munnelly
ee8d34c16f Add cloudflare dns01 provider 2017-08-07 18:28:35 +01:00
James Munnelly
cf6faacd56 Update Issuer CloudDNS config service account to use a SecretKeySelector 2017-08-07 18:07:33 +01:00
James Munnelly
7937b0384c Update import paths 2017-08-07 14:46:58 +01:00
James Munnelly
080983f768 Add omitempty to ingressClass 2017-08-07 13:58:50 +01:00
James Munnelly
3fb49ad049 Refactor control loops to be more akin to kube-controller-manager 2017-08-05 00:35:54 +01:00
James Munnelly
92d4fef10e Update k8s.io dependencies. Update to new DeepCopy generator. 2017-07-22 13:47:38 +01:00
James Munnelly
630654a6d4 Update import paths 2017-07-22 12:19:40 +01:00