Commit Graph

101 Commits

Author SHA1 Message Date
Eng Zer Jun
54e70d2cc4
refactor: move from io/ioutil to io and os package
The io/ioutil package has been deprecated in Go 1.16. This commit
replaces the existing io/ioutil functions with their new definitions in
io and os packages.

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2021-08-23 19:50:42 +08:00
Ashley Davis
68f5ceb3b4
Fix manually specified Certificate and CertificateRequest versions
Basically all modern X.509 certs are version 3, but confusingly to
specify "version 3" in an encoded cert, the version number is actually
2.

For PKCS#10 CSRs, the only valid version is 1, which again
confusingly has the value "0" when encoded.

This was incorrect in many places, including one place in which the
version number on a CSR was used as a certificate's version number,
when the two are entirely unrelated.

Go ignores these values, so there's no functional changes here; still,
it's better to be accurate.

Go ignoring CSR version and specifying 0:
https://cs.opensource.google/go/go/+/refs/tags/go1.17:src/crypto/x509/x509.go;l=1958

Go ignoring Certificate version and specifying 2:
https://cs.opensource.google/go/go/+/refs/tags/go1.17:src/crypto/x509/x509.go;l=1534

PKCS#10 CSR specification in RFC 2986 section 4.1:
https://datatracker.ietf.org/doc/html/rfc2986#section-4

X.509 Cert specification in RFC 5280 section 4.1.2.1:
https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.1

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
2021-08-19 14:48:12 +01:00
Inteon
91ec4c773a
use correct contexts everywhere & don't restart apiserver to add crds
Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>
2021-08-12 20:05:01 +02:00
Inteon
abc39053b2
resolve .Stop() failures
Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>
2021-08-07 10:19:07 +02:00
jetstack-bot
b04e42c437
Merge pull request #4253 from JoshVanL/apiextensions-v1beta1-v1
Conversion: Apiextensions v1beta1 -> v1
2021-07-30 15:49:49 +01:00
joshvanl
8470ba96f0 Change webhook admission/mutation to no longer understand and reject anything which is not
v1 (remove v1beta1)

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
2021-07-29 11:10:24 +01:00
joshvanl
be2ad9ed15 Update sample ACME webhook to use apiextensions v1beta1 -> v1
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
2021-07-26 17:04:35 +01:00
joshvanl
5762b5706e Update Conversion webhook to no longer understand v1beta1, only v1
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
2021-07-26 17:02:18 +01:00
Inteon
632459c6d9
resolve bug & cleanup
Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>
2021-07-23 15:41:24 +02:00
Inteon
81e216eeba
wait for goroutines to end before exiting
Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>
2021-07-23 15:30:26 +02:00
Ashley Davis
333af8fd94
further static check fixes
pkg/internal/apis/certmanager/validation/certificate_for_issuer_test.go:34:2 deadcode `defaultTestCrtName` is unused
pkg/issuer/acme/dns/rfc2136/provider_test.go:42:23 errcheck Error return value of `server.Shutdown` is not checked
pkg/issuer/acme/dns/rfc2136/provider_test.go:77:23 errcheck Error return value of `server.Shutdown` is not checked
pkg/issuer/vault/setup.go:37:2 deadcode `messageVaultHealthCheckFailed` is unused
pkg/issuer/venafi/client/request.go:143:5 gosimple S1023: redundant break statement
pkg/logs/logs.go:68:8 errcheck Error return value of `fs.Set` is not checked

the following fixes introduce a panic when the returned error is
non-nil, which could be a breaking change but was deemed to be worth it
pkg/webhook/server/server.go:58:30 errcheck Error return value is not checked
pkg/webhook/server/server.go:59:25 errcheck Error return value is not checked

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
2021-05-21 12:04:05 +01:00
Tamal Saha
2609aa51e1 Use gomodules.xyz/jsonpatch instead of mattbaird/jsonpatch
Signed-off-by: Tamal Saha <tamal@appscode.com>
2021-05-17 13:05:19 -07:00
jetstack-bot
bd817cce0a
Merge pull request #3936 from irbekrm/webhook_warnings
Webhook warnings
2021-05-11 13:43:53 +01:00
jetstack-bot
3434c78188
Merge pull request #3960 from wallrj/538-lint-fixes-richardw
Fix some linting errors
2021-05-07 11:50:34 +01:00
Jake Sanders
98c3b56e43
close stopch in failure cases
Signed-off-by: Jake Sanders <i@am.so-aweso.me>
2021-05-06 12:18:56 +01:00
Jake Sanders
eab7c954a2
Use %v to log errors
Signed-off-by: Jake Sanders <i@am.so-aweso.me>
2021-05-05 16:28:46 +01:00
Jake Sanders
03cc4dc24d
Update bazel
Signed-off-by: Jake Sanders <i@am.so-aweso.me>
2021-05-04 15:24:12 +01:00
Jake Sanders
e01d96381c
errcheck: Error return value of source.Run is not checked
Signed-off-by: Jake Sanders <i@am.so-aweso.me>
2021-05-04 14:45:45 +01:00
Richard Wall
2eece85082 Use bytes.Equal instead of bytes.Compare
pkg/webhook/server/tls/file_source.go:140:5: should use bytes.Equal(keyData, f.cachedKeyBytes) instead (S1004)
pkg/webhook/server/tls/file_source.go:140:54: should use bytes.Equal(certData, f.cachedCertBytes) instead (S1004)

Signed-off-by: Richard Wall <richard.wall@jetstack.io>
2021-05-04 14:26:43 +01:00
irbekrm
f46aad2b74 Implements suggestions from code review
Signed-off-by: irbekrm <irbekrm@gmail.com>
2021-04-29 17:47:27 +01:00
irbekrm
bffebe2cb6 Calls to validating webhook can now return warnings
Adds warnings to the top level validating functions' signatures

Signed-off-by: irbekrm <irbekrm@gmail.com>
2021-04-29 11:45:52 +01:00
joshvanl
85ff4301b8 Passes through request context of webhook to admission functions
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
2021-04-03 13:19:01 +01:00
joshvanl
4be73eaec0 Add plugins to webhook server
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
2021-03-26 17:26:28 +00:00
joshvanl
13d8cc707f Adds SubjectAccessReview checks in webhook, if ValidateUpdate Succeeds
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
2021-03-26 17:26:28 +00:00
joshvanl
33f3fe473c Rename webhook SchemeBackedMutator -> RegistryBackedMutator
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
2021-02-10 09:39:52 +00:00
joshvanl
6438530fe0 Update webhook Scheme to use and install mutations with mutation
registry

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
2021-02-08 19:18:49 +00:00
joshvanl
8e4a10ad93 Change webhook mutation handler to use new mutation registry
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
2021-02-08 19:18:15 +00:00
joshvanl
eff5bc069e Updates webhook validation handler to use new function signature
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
2021-02-08 19:15:23 +00:00
joshvanl
cdeca6a9f4 Updates testdata to use new validation function signature. Updates
registry and scheme install

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
2021-02-08 19:14:35 +00:00
Maartje Eyskens
be205c04e6 Run a codegen update
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
2021-01-08 15:05:32 +01:00
Maartje Eyskens
ab0cd57dc5 Use The cert-manager Authors.
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
2020-12-11 19:04:13 +01:00
Maartje Eyskens
1788a9d758 Update copyright to cert-manager project
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
2020-12-08 19:04:49 +01:00
Mateusz Gozdek
27fa2f1ec4
Fix various typos found by codespell
Found by running this command:

codespell -S .git,*.png,go.sum -L keypair,iam,ans,unknwon,tage,ths,creater

Signed-off-by: Mateusz Gozdek <mgozdekof@gmail.com>
2020-11-07 14:55:13 +01:00
Richard Wall
7e60151a26 Remove unused testcase field
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
2020-09-04 18:00:53 +01:00
Richard Wall
4eb49ffe72 Add boilerplate to new test
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
2020-09-04 17:44:06 +01:00
Richard Wall
057f3d7587 Duplicate ConversionWebhook tests to exercise the ConvertV1Beta1 method
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
2020-09-04 17:38:30 +01:00
Richard Wall
fd1959ec30 Use separate methods for each ConversionReview type
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
2020-09-04 17:12:57 +01:00
Maartje Eyskens
b4c5221e2b One more fix
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
2020-09-02 16:08:03 +02:00
Maartje Eyskens
c7522c2b91 Cast conversion request in the correct API group
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
2020-09-02 16:03:14 +02:00
jetstack-bot
647035a266
Merge pull request #3211 from meyskens/csr-extkey
Extended key usages into CSR
2020-08-27 15:33:37 +01:00
Maartje Eyskens
47266ffbbc Implement feedback from review
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
2020-08-27 14:46:28 +02:00
Maartje Eyskens
db0a321d32 Add boilerplate
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
2020-08-27 13:33:02 +02:00
Maartje Eyskens
71c3d2fb6b Update bazel
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
2020-08-27 13:10:06 +02:00
Maartje Eyskens
e0749ad822 Implement feedback
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
2020-08-27 13:02:18 +02:00
Maartje Eyskens
136085ac6b Fix conversion (insert facepalm here)
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
2020-08-26 19:03:15 +02:00
Maartje Eyskens
697fe1052a DIY conversions for admissions
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
2020-08-26 17:52:28 +02:00
Maartje Eyskens
60db2d16c2 Fix unit tests
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
2020-08-25 14:59:22 +02:00
Maartje Eyskens
627b57fed5 Add validation for CR creation only to match Key usages with the CSR if both are set
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
2020-08-25 14:38:57 +02:00
Richard Wall
81eb53f597 ./hack/update-all.sh
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
2020-08-20 14:28:06 +01:00
Richard Wall
a70298180a Run a script to update v1alpha2 usage to v1
Script is available at https://github.com/jetstack/cert-manager/pull/3201

Signed-off-by: Richard Wall <richard.wall@jetstack.io>
2020-08-20 14:26:51 +01:00