weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
5,199 Commits 45 Branches 0 Tags 96 MiB
bbafeeef67
Commit Graph

5199 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Erik Godding Boye
bbafeeef67 fix #3619: Handle CA issuer working as intermediate correctly 
Signed-off-by: Erik Godding Boye <egboye@gmail.com>
 2021-04-06 19:45:48 +02:00
Erik Godding Boye
861db7bf4e Fix minor local dev environment issue 
Signed-off-by: Erik Godding Boye <egboye@gmail.com>
 2021-04-06 19:45:48 +02:00
jetstack-bot
5925973f89
Merge pull request #3832 from JoshVanL/webhook-validation-request-context 
Webhook validation request context passthrough
 2021-04-06 16:34:58 +01:00
jetstack-bot
e7333df106
Merge pull request #3838 from wallrj/3289-stable-api-versions 
Update cainjector to use stable API versions
 2021-04-06 15:19:57 +01:00
Richard Wall
3d7f370b21 Re-enable the cainjector E2E tests for apiregistration 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-04-06 14:04:26 +01:00
jetstack-bot
2abafa18be
Merge pull request #3846 from irbekrm/reinstate_line_wrapping 
Reinstate line wrapping
 2021-04-03 17:02:51 +01:00
irbekrm
22f6cb18d2 Adds some comments 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-04-03 15:54:52 +01:00
irbekrm
245d591dc3 reinstate line wrapping 
by bumping gopkg.in/yaml to v2.4.0

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-04-03 15:39:04 +01:00
joshvanl
85ff4301b8 Passes through request context of webhook to admission functions 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-04-03 13:19:01 +01:00
jetstack-bot
e3ae071f1c
Merge pull request #3823 from irbekrm/bump_go 
Bumps go 1.15 -> 1.16
 2021-04-03 09:10:48 +01:00
irbekrm
62d4fb7384 Bumps go 1.15 -> 1.16 
Signed-off-by: irbekrm <irbekrm@gmail.com>

Runs ./hack/update-deps.sh

Signed-off-by: irbekrm <irbekrm@gmail.com>

get go_rules to download latest patch version of go

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-04-02 10:21:39 +01:00
Richard Wall
20510e45f0 Update cainjector to use stable API versions 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-04-01 17:23:28 +01:00
jetstack-bot
c2c0fdd781
Merge pull request #3831 from wallrj/3642-venafi-cloud-outage-predict 
Upgrade to vcert 4.13.1
 2021-04-01 13:30:39 +01:00
jetstack-bot
5dd00bf2a5
Merge pull request #3815 from RinkiyaKeDad/3796_e2e_fail_logs 
feat: fix logs display for e2e test failures
 2021-04-01 09:36:39 +01:00
Richard Wall
39ebccd0ba Skip the Venafi Cloud conformance tests by default 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-04-01 09:13:36 +01:00
Richard Wall
a372e1afb6 Delete empty Venafi Cloud issuer tests 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-04-01 09:13:36 +01:00
Richard Wall
308a0f4405 Upgrade to vcert 4.13.1 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-04-01 09:13:36 +01:00
jetstack-bot
e29a3df86d
Merge pull request #3785 from JoshVanL/approval-subject-access-review 
Approval subject access review
 2021-04-01 08:00:39 +01:00
joshvanl
46f1d853f5 Adds comment about why we convert CRs into internal types when 
validating approval

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-30 15:33:27 +01:00
jetstack-bot
517d211103
Merge pull request #3816 from irbekrm/update_bazel 
Bump versions of Gazelle, go_rules, Kazel, protobuf
 2021-03-30 13:44:38 +01:00
RinkiyaKeDad
a5580a9ab7 feat: removed exit 
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
 2021-03-30 16:46:51 +05:30
RinkiyaKeDad
79ee98bb56 feat: running the jobs in series 
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
 2021-03-30 16:03:19 +05:30
jetstack-bot
45befd8696
Merge pull request #3811 from salmanahmed404/SemanticChecks-3809 
Replace reflect.DeepEqual with semantic equality check
 2021-03-29 09:40:32 +01:00
irbekrm
81a8588b91 Bumps versions of Gazelle, go_rules, Kazel, protobuf 
Signed-off-by: irbekrm <irbekrm@gmail.com>

Bumps versions of Gazelle, go_rules, Kazel and protobuf

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-03-29 08:25:12 +01:00
RinkiyaKeDad
45f1507a76 feat: fix logs display for e2e test failures 
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
 2021-03-27 16:53:52 +05:30
Salman
800d6019bf Replace reflect.DeepEqual with semantic equality check and remove status marshal 
Signed-off-by: salmanahmed404 <salmanahmed404@gmail.com>
 2021-03-27 12:49:14 +05:30
Salman
572bfb9111 Replace reflect.DeepEqual with semantic equality check 
Signed-off-by: salmanahmed404 <salmanahmed404@gmail.com>
 2021-03-27 12:49:14 +05:30
joshvanl
820b8556a3 Fix go linting 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-26 17:41:42 +00:00
joshvanl
55e74c3e02 Update bazel build files 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-26 17:28:14 +00:00
joshvanl
191e448764 Updates go modules 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-26 17:26:28 +00:00
joshvanl
f8b38daa4c Update cert-manager-controller:approve RBAC naming to be more consistent 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-26 17:26:28 +00:00
joshvanl
56a604c6f0 Init plugins in webhook cmd 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-26 17:26:28 +00:00
joshvanl
b75655fbb6 Updates approval e2e tests to include custom resource definitions 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-26 17:26:28 +00:00
joshvanl
4be73eaec0 Add plugins to webhook server 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-26 17:26:28 +00:00
joshvanl
3ecef47b2a Remove SubjectAccessReview validation registry 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-26 17:26:28 +00:00
joshvanl
29a7a90d85 Remove old approval SAR registry 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-26 17:26:28 +00:00
joshvanl
8380569470 Move approval validation to new internal webhook admission plugin 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-26 17:26:28 +00:00
joshvanl
109b3e0b28 Rename Wehook's API server host flag from --master to --api-server-host 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-26 17:26:28 +00:00
joshvanl
746cd7460b Updates approval review comment to correctly state cluster scope and 
issuer name

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-26 17:26:28 +00:00
joshvanl
d69e798b83 Update validation approved tests for new string 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-26 17:26:28 +00:00
joshvanl
5b34d9a6cc Change cert-manager-controller approve RBAC resource names to 
':approve-cert-manager-io'

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-26 17:26:28 +00:00
joshvanl
393848ee98 Fix webhook RBAC resource names to use ':subjectaccessreviews' 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-26 17:26:28 +00:00
joshvanl
ed22fb99f6 Change approved/denied forbidden error to read better for EU 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-26 17:26:28 +00:00
joshvanl
a97be01bd8 Adds test comment to approval e2e test 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-26 17:26:28 +00:00
joshvanl
8048034b0e Adds permissions to approve "issuer.cert-manager.io/*", "clusterissuer.cert-manager.io/*" signers to the cert-manager-controller ServiceAccount 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-26 17:26:28 +00:00
joshvanl
157b577056 Adds Approval SubjectAccessReview checks to e2e UserInfo suite 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-26 17:26:28 +00:00
joshvanl
59049ee58a Add SubjectAccessReview client to validation registration on webhook start. Make API address configurable 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-26 17:26:28 +00:00
joshvanl
f640f64fcb Update integration test framework to restart the API to share the 
address with the webhook

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-26 17:26:28 +00:00
joshvanl
13d8cc707f Adds SubjectAccessReview checks in webhook, if ValidateUpdate Succeeds 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-26 17:26:28 +00:00
joshvanl
92c6ce88bb Register approval checks with validation init registration 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-26 17:26:28 +00:00