weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
6,296 Commits 45 Branches 0 Tags 96 MiB
b2e63dbed3
Commit Graph

2682 Commits

Author SHA1 Message Date
James Munnelly
5d7df17a24 pkg/webhook/authority: extract logger from context 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-12-17 18:52:26 +00:00
James Munnelly
bdb06ae55b Fix failing unit test 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-12-17 18:32:27 +00:00
James Munnelly
29c797cfb4 Run update-codegen.sh 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-12-17 18:13:44 +00:00
James Munnelly
81f22fd49c Upgrade k8s.io dependencies to v0.23.1 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-12-17 16:27:47 +00:00
Richard Wall
36c4de9881 Update import paths 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-12-16 11:11:04 +00:00
Richard Wall
17a2ec5198 update-bazel.sh 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-12-16 11:11:04 +00:00
Richard Wall
1fc14676f6 Move deprecated type definitions to the internal package 
find pkg/apis/{acme,certmanager} -mindepth 1 -maxdepth 1 -not -name v1  -type d | while read d; do v=$(basename $d); g=$(basename $(dirname $d)); git mv -k $d/*.go internal/apis/$g/$v/; done

find pkg/apis/{acme,certmanager} -mindepth 1 -maxdepth 1 -not -name v1  -type d | while read d; do v=$(basename $d); g=$(basename $(dirname $d)); git rm -rf $d/; done

Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-12-16 11:11:04 +00:00
Richard Wall
2c16d49c8c ./hack/update-bazel.sh 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-12-15 16:41:15 +00:00
Richard Wall
97125afd6e Remove typed client packages 
find pkg/client/ -type d -name v1alpha2 -o -name v1alpha3 -o -name v1beta1 | xargs git rm -r

Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-12-15 16:40:33 +00:00
Richard Wall
a21b745d01 ./hack/update-codegen.sh 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-12-15 16:30:19 +00:00
Richard Wall
4eedf4fcfd Test conversion code using sample CRDs and remove conversion configuration from cert-manager CRDs 
* Generate CRDs for the sample API types
* Allow alternative CRDs to be loaded into the envtest API server
* Override the conversion configuration of the CRDs
* Show webhook server logs in tests
* Simplify the loading of the test API CRDs
* Allow the ConversionHandler to be overridden in tests

Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-12-14 17:33:22 +00:00
jetstack-bot
5894ed989a
Merge pull request #4546 from munnerz/webhook-config-api 
Support loading webhook config from versioned file
 2021-12-14 10:09:02 +00:00
joshvanl
4d40bdcd96 Fix tests after metrics comment changes. 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-12-07 07:42:27 +00:00
joshvanl
27c43b317e Adds deprecated message to clock_time_metrics 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-12-07 07:10:27 +00:00
joshvanl
b4f2d4982b Ensure clockTimeSecondsGauge is registered. Updates metrics integration 
tests to include gauge clock metric

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-12-02 12:11:20 +00:00
joshvanl
51e728688f Adds clock_time_seconds_gauge metric which returns the current clock 
time, based on unix time since time began

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-12-02 11:27:22 +00:00
jetstack-bot
3191293cb8
Merge pull request #4637 from JoshVanL/certificats-dont-error-on-delete 
Change Certificates controller to no longer error for a Certificate that no longer exists
 2021-12-01 14:19:25 +00:00
James Munnelly
ce3f3fc1f2 Regenerate files 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-12-01 12:57:08 +00:00
James Munnelly
1a96d9f32d config.cert-manager.io -> webhook.config.cert-manager.io 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-12-01 12:57:08 +00:00
joshvanl
d5503c2ed2 Change certificates controller to no longer error for a Certificate that 
no longer exists

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-11-30 15:13:14 +00:00
jetstack-bot
ce019f059c
Merge pull request #4615 from johnwchadwick/version-check-disregard-failed-pods 
Only consider running pods when determining version
 2021-11-30 14:14:45 +00:00
James Munnelly
9fce2ba5b0 Move files to create config.webhook.cert-manager.io 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-11-26 15:15:44 +00:00
James Munnelly
71a69cc488 Add unit tests for configfile loading 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-11-26 14:12:54 +00:00
James Munnelly
48a5efea5d Fix copyright headers 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-11-26 14:12:54 +00:00
James Munnelly
0e1d603c93 Add support for reading config from WebhookConfiguration object 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-11-26 14:12:54 +00:00
James Munnelly
97863d245f Regenerate files 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-11-26 14:12:54 +00:00
James Munnelly
afa8e5a304 Refactoring webhook initialisation to support early config handling 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-11-26 14:12:54 +00:00
James Munnelly
fb81666e56 Add config.cert-manager.io API group 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-11-26 14:12:54 +00:00
John Chadwick
d094e20611 Only consider running pods when checking version 
Some clusters may have failed pods that are not garbage collected. These
pods should not be considered when determining version numbers.

Signed-off-by: John Chadwick <86682572+johnwchadwick@users.noreply.github.com>
 2021-11-23 11:32:10 -05:00
irbekrm
7739497f22 Don't process Order CRs that have failed 
Ensure that cert-manager does not attempt to create new ACME Orders for cert-manager Order CRs that are in failed (errored, invalid or expired) state. If the CertificateRequest was created from a Certificate, the issuance will be retried after 1 hour

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-11-23 15:34:35 +00:00
Krzysztof Ostrowski
e35cb361c8
add comments to satisfy linter 
Signed-off-by: Krzysztof Ostrowski <kostrows@redhat.com>
Co-authored-by: Irbe Krumina <irbekrm@gmail.com>
 2021-11-04 18:15:46 +01:00
Igor Zibarev
f9ceb8a73e Fix some lint issues regarding comments 
References issue #4457

Signed-off-by: Igor Zibarev <zibarev.i@gmail.com>
 2021-11-02 13:57:20 +03:00
Jake Sanders
486fc49545
Add fuzzing unit tests for JKS passwords 
Signed-off-by: Jake Sanders <i@am.so-aweso.me>
 2021-10-29 15:12:51 +01:00
jetstack-bot
f61d534975
Merge pull request #4550 from irbekrm/pprof 
Pprof
 2021-10-26 11:20:40 +01:00
irbekrm
7b6eeff457 Profiler address for controller can now be configured 
Ensures that pprof is configured for controller in the same way as for cainjector

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-10-26 12:20:42 +03:00
irbekrm
73a696ddb3 Pprof addr for webhook defaults to localhost 
Also whether it is enabled and the address can now be configured via commandline flags

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-10-26 12:18:32 +03:00
James Munnelly
b3159537e1 Remove unused codegen tags 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-10-21 15:43:50 +01:00
James Munnelly
e7dea9f2a2 Replace all references to pkg/internal with internal 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-10-21 12:27:04 +01:00
James Munnelly
f81703d9ab Move pkg/internal/ to internal/ 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-10-21 12:24:28 +01:00
irbekrm
598ed35e4a Uses go/crypto ListCertAlternates function to fetch alternative certificate chains 
This allows us to use upstream go/crypto again instead of our own fork

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-10-07 15:21:26 +01:00
Richard Wall
5d91f0a3c4 Fix flaky test by using EqualUnsorted to compare Events 
Supplants https://github.com/jetstack/cert-manager/pull/4297

Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-10-01 12:41:15 +01:00
irbekrm
7e9753c92e Fix CertificateRequest test 
In Go 1.17 x509.CreateCertificate fails if public key doesn't match private key https://golang.org/doc/go1.17

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-09-30 10:08:40 +01:00
irbekrm
cb6a746726 Runs ./hack/update-all.sh 
New format of Go build tags gets added

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-09-30 10:08:19 +01:00
Richard Wall
41ef0e3f2b A note about testing the handling of errors relating to the ValidatingWebhook 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-09-29 13:05:53 +01:00
Richard Wall
b71eb11fd1 A note about the relevance of conversion webhook unit-tests 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-09-29 13:02:44 +01:00
Richard Wall
969ca6d91a Use the v1 API rather than v1alpha2 in the API checker 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-09-29 12:54:42 +01:00
jetstack-bot
898dc0e254
Merge pull request #4419 from artificial-aidan/master 
Add Certificate RenewBefore prometheus metrics
 2021-09-27 17:51:46 +01:00
jetstack-bot
f4be63c208
Merge pull request #4465 from andrewmwhite/show-invalid-access-token 
Clouldflare: Show API error messages (e.g., invalid access token)
 2021-09-27 15:20:46 +01:00
jetstack-bot
5a8b970c97
Merge pull request #4456 from JoshVanL/vault-client-health-err-check 
Vault internal client should check health conn err before checking response status
 2021-09-27 13:07:46 +01:00
Jake Sanders
e58af020a6
go fmt 
Signed-off-by: Jake Sanders <i@am.so-aweso.me>
 2021-09-21 10:41:28 +01:00