cert-manager

Author	SHA1	Message	Date
James Munnelly	84978d88d8	Add extra comments to acme and pki package Signed-off-by: James Munnelly <james@munnelly.eu>	2018-10-13 21:05:18 +01:00
jetstack-bot	54d8ef7e8a	Merge pull request #911 from vdesjardins/vault-ca-bundle vault ca bundle support	2018-10-12 15:06:39 +01:00
James Munnelly	e815e42307	Add additional API type comments Signed-off-by: James Munnelly <james@munnelly.eu>	2018-10-12 14:08:51 +01:00
James Munnelly	039a086f58	run //hack:update-bazel Signed-off-by: James Munnelly <james@munnelly.eu>	2018-10-12 12:40:40 +01:00
James Munnelly	a98415fec7	Fix up test cases after rebase Signed-off-by: James Munnelly <james@munnelly.eu>	2018-10-12 12:40:39 +01:00
James Munnelly	eadbbc85c5	Add missing boilerplate headers Signed-off-by: James Munnelly <james@munnelly.eu>	2018-10-12 12:40:39 +01:00
James Munnelly	d323a1df0d	Add unit tests for acmeorders and acmechallenges Signed-off-by: James Munnelly <james@munnelly.eu>	2018-10-12 12:40:39 +01:00
James Munnelly	9214615d6e	Fix race issues in ACME issue function. Add extended unit tests. Signed-off-by: James Munnelly <james@munnelly.eu>	2018-10-12 12:40:39 +01:00
James Munnelly	ad99639b44	Fix failing test Signed-off-by: James Munnelly <james@munnelly.eu>	2018-10-12 12:40:38 +01:00
James Munnelly	847d0c6152	Refactor controllers to return Response structures Signed-off-by: James Munnelly <james@munnelly.eu>	2018-10-12 12:40:38 +01:00
James Munnelly	1f6013e39b	Add unit tests for ACME Prepare function Signed-off-by: James Munnelly <james@munnelly.eu>	2018-10-12 12:40:38 +01:00
James Munnelly	80e0085b5a	Remove old issuer check in Prepare function Signed-off-by: James Munnelly <james@munnelly.eu>	2018-10-12 12:40:38 +01:00
James Munnelly	d316ea6fb9	Add support for backing-off creating orders after failure Signed-off-by: James Munnelly <james@munnelly.eu>	2018-10-12 12:40:38 +01:00
James Munnelly	5482ece3f5	Update unit test framework to support actions and required reactors Signed-off-by: James Munnelly <james@munnelly.eu>	2018-10-12 12:40:38 +01:00
James Munnelly	967a48e1dc	Add ACME Order & Challenge controllers Signed-off-by: James Munnelly <james@munnelly.eu>	2018-10-12 12:40:38 +01:00
James Munnelly	65487e1d2b	Update ACME HTTP solver to use Challenge resources Signed-off-by: James Munnelly <james@munnelly.eu>	2018-10-12 12:40:37 +01:00
James Munnelly	2b663eb9a9	Update ACME DNS solver to use Challenge resources Signed-off-by: James Munnelly <james@munnelly.eu>	2018-10-12 12:40:37 +01:00
James Munnelly	f8b1e653f3	Refactor ACME Issuer to create and manage Order resources Signed-off-by: James Munnelly <james@munnelly.eu>	2018-10-12 12:40:37 +01:00
James Munnelly	4fcfbb44ef	Add IsFinalState and IsErrorState functions Signed-off-by: James Munnelly <james@munnelly.eu>	2018-10-12 12:40:37 +01:00
James Munnelly	2eb785655c	Run //hack:update-codegen Signed-off-by: James Munnelly <james@munnelly.eu>	2018-10-12 12:40:37 +01:00
James Munnelly	f3991c6edf	run //hack:update-bazel Signed-off-by: James Munnelly <james@munnelly.eu>	2018-10-12 12:40:37 +01:00
Vincent Desjardins	4e89b611cf	missing omitempty for CABundle field in Vault issuer Signed-off-by: Vincent Desjardins <vdesjardins@gmail.com>	2018-10-12 11:14:08 +00:00
James Munnelly	bfd8ac7eab	Add Order and Challenge API types Signed-off-by: James Munnelly <james@munnelly.eu>	2018-10-12 11:08:51 +01:00
Vincent Desjardins	7b01a8aa0d	update code review #2 Signed-off-by: Vincent Desjardins <vdesjardins@gmail.com>	2018-10-11 02:19:55 +00:00
Vincent Desjardins	92ac7a7c08	code review updates Signed-off-by: Vincent Desjardins <vdesjardins@gmail.com>	2018-10-11 01:22:05 +00:00
Vincent Desjardins	7c1ff275f0	vault ca bundle support Signed-off-by: Vincent Desjardins <vdesjardins@gmail.com>	2018-10-11 01:22:05 +00:00
jetstack-bot	620395511a	Merge pull request #924 from arnoldbechtoldt/useClusterIPsvc Make http01 solver serviceType configurable	2018-10-10 13:42:11 +01:00
jetstack-bot	5ea95b6cc1	Merge pull request #923 from arnoldbechtoldt/issue892 make http01 solver pod resource request/limits configurable, refs #892	2018-10-10 13:06:11 +01:00
Arnold Bechtoldt	ce1dd5e8b5	update API docs Signed-off-by: Arnold Bechtoldt <arnold.bechtoldt@inovex.de>	2018-10-10 13:31:07 +02:00
Arnold Bechtoldt	1587741820	rename setting and update docs regarding solver service type Signed-off-by: Arnold Bechtoldt <arnold.bechtoldt@inovex.de>	2018-10-08 15:24:17 +02:00
jetstack-bot	912c7672bd	Merge pull request #848 from Queuecumber/ca-nginx Include CA Certificate In Secrets	2018-10-08 13:04:37 +01:00
acoshift	3e9085f376	remove key algor validation in ACME issuer Signed-off-by: Thanatat Tamtan <acoshift@gmail.com>	2018-10-08 17:47:31 +07:00
Arnold Bechtoldt	d261e1f3f1	make serviceType configurable, fixes #928 Signed-off-by: Arnold Bechtoldt <arnold.bechtoldt@inovex.de>	2018-10-08 10:55:56 +02:00
acoshift	fc7711967e	allow ecdsa for acme Signed-off-by: Thanatat Tamtan <acoshift@gmail.com>	2018-10-07 20:22:41 +07:00
Arnold Bechtoldt	845eb7f57c	make http01 solver pod resource request/limits configurable, refs #892 Signed-off-by: Arnold Bechtoldt <arnold.bechtoldt@inovex.de>	2018-09-26 14:39:06 +02:00
splashx	4e9af51629	fix rfc2136 provider missing port error, plumb dnsNameserver01 Signed-off-by: splashx <splash@gmail.com>	2018-09-17 17:38:09 +02:00
Max Ehrlich	5eaf89ba4a	Simplify getting the ca cert bytes from the ca chain Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-15 17:41:17 -04:00
Max Ehrlich	f81f499d3d	Rerun gofmt Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-15 17:18:40 -04:00
Max Ehrlich	06fb0cefc7	Manually generate pem from cachain field since the vault api does not expose it Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-15 17:06:41 -04:00
Max Ehrlich	d63fbbab49	Fix go-fmt Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-13 18:54:30 -04:00
Max Ehrlich	48653e07f9	Return CA for vault certs, this uses the issuing_ca field from the vault api response, see (https://www.vaultproject.io/api/secret/pki/index.html#sign-certificate ) for details Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-13 18:47:44 -04:00
Max Ehrlich	25e86d5588	For now, the vault issuer will also not store it's CA certificate Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-13 17:07:15 -04:00
Max Ehrlich	ab450c7463	Set the CA field if a non-nil ca cert is passed Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-13 17:07:15 -04:00
Max Ehrlich	213d5ec6b5	Self-signed issuers return a copy of the same certificate that was issued as the CA Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-13 17:07:14 -04:00
Max Ehrlich	511650ca82	ACME issuers currently will not support getting the CA certificate Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-13 17:07:14 -04:00
Max Ehrlich	58efbc068c	Update CA issuer to return the CA cert pem Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-13 17:07:14 -04:00
Max Ehrlich	280382e6ce	Issue and renew should now return the bytes of the CA certificate that was used to issue the certs. This should be set to nil if not applicable Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-13 17:07:14 -04:00
Max Ehrlich	41c7def791	Helper function to get PEM encoded bytes of x509 certs Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-13 17:07:14 -04:00
Max Ehrlich	e347572541	Change key name constant to better match its function Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-13 17:07:14 -04:00
Max Ehrlich	2524335f3a	Set the "ca.crt" field for certificates issued with isCA so that nginx can properly identify them for client authentication Signed-off-by: Max Ehrlich <max.ehr@gmail.com>	2018-09-13 17:07:13 -04:00

1 2 3 4 5 ...

555 Commits