weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
7,628 Commits 45 Branches 0 Tags 96 MiB
bfa7eaaf0d
Commit Graph

628 Commits

Author SHA1 Message Date
jetstack-bot
bfa7eaaf0d
Merge pull request #5766 from irbekrm/cainjector_limit_controllers 
Cainjector limit controllers
 2023-04-18 11:14:21 +01:00
irbekrm
e49c1f0a74 Code review feedback 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-04-18 10:36:28 +01:00
Tim Ramlot
62310c3e06
run 'make verify-licenses' 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-04-11 21:59:19 +02:00
Luca Comellini
9219bc409b
Bump Helm to v3.11.2 
Signed-off-by: Luca Comellini <luca.com@gmail.com>
 2023-04-11 11:39:37 -07:00
Tim Ramlot
1c23f408a7
add NumberOfConcurrentWorkers flag 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-04-11 14:03:59 +02:00
Tim Ramlot
1d28b4f31c
Bump k8s.io dependencies 
Signed-off-by: Luca Comellini <luca.com@gmail.com>
 2023-04-07 10:36:47 +02:00
Tim Ramlot
380359b586
run 'make update-licenses' 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-04-06 22:29:59 +02:00
Maël Valais
e9f81ddc1c go work sync 
Signed-off-by: Maël Valais <mael@vls.dev>
 2023-04-06 16:34:21 +02:00
Ashley Davis
6ce6ae839e
separate binaries/tests into separate modules with minimal dependencies 
also add gomod validation in CI, along with a cmrel version bump

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2023-04-05 10:30:39 +01:00
Mauro M. Silva
5ec677d9b4 improving the error message 
Signed-off-by: Mauro M. Silva <maumontesilva@gmail.com>
 2023-03-30 00:52:32 +01:00
Mauro M. Silva
9f584cfb9a change the message 
Signed-off-by: Mauro M. Silva <maumontesilva@gmail.com>
 2023-03-28 22:16:44 +01:00
Mauro M. Silva
f703a5409d Error if the resource name is omitted, unless --all is also used. 
Signed-off-by: Mauro M. Silva <maumontesilva@gmail.com>
 2023-03-28 09:21:36 +01:00
jetstack-bot
4e889b702b
Merge pull request #5834 from inteon/remove_unused_parameter 
Removed unused NewCertManagerWebhookServer function argument
 2023-02-28 13:04:33 +00:00
Tim Ramlot
f36c06f10d
move cmd/util/ to internal/cmd/util/, since it is also imported by packages outside of cmd/ 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-02-28 12:38:59 +01:00
Tim Ramlot
82beacaee2
removed unused NewCertManagerWebhookServer function argument 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-02-28 12:30:44 +01:00
irbekrm
56cf4dfd3c Allows to modify configured injectable kinds for cainjector via flags 
Also changes name of --watch-certs flag to --enable-certificate-data-source

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-02-01 11:43:00 +00:00
jetstack-bot
9f7a4053ab
Merge pull request #5746 from irbekrm/cainjector_remove_duplicate_cache 
Remove the double cache mechanism for cainjector
 2023-01-25 15:05:57 +00:00
irbekrm
3aba8ed32d Makes cainjector Certificate watch optional 
Configurable via a flag, true by default

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-01-24 13:52:45 +00:00
irbekrm
4776597cb4 Remove the double cache mechanism for cainjector 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-01-23 17:38:46 +00:00
Tim Ramlot
23de5240e9
move utility functions to reduce fragmentation and rename functions for consistency 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-01-23 13:19:39 +01:00
irbekrm
53abc8cb2e Use fake kube apiserver version when generating helm template in cmctl x install 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-01-12 15:00:21 +00:00
irbekrm
87bef52337 Fix cainjector's namespace flag 
Ensures that when cainjector has the namespace flag passed, namespaced resource caching is scoped to that namespace

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-01-05 18:15:19 +00:00
Corey McGalliard
7e6e0940a2 updating to match feedback and adjust the RunAsNonRoot options for http01 solver to be more descriptive 
Signed-off-by: Corey McGalliard <cmcgalliard@redventures.com>
 2022-11-16 11:20:36 -05:00
irbekrm
584147df37 Document that pod template spec should be used instead of flags 
For configuring ACME HTTP-01 solver pod

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2022-08-09 15:26:10 +01:00
Ashley Davis
fb231ab641
Remove bazel 🎉 
This removes all .bazel and .bzl files, and a bunch of scripts relating
to bazel, now that it's been entirely replaced.

There are still a few places where traces could be removed, but this
removes the brunt of the bazel stuff that remains.

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-07-26 11:38:50 +01:00
jetstack-bot
5d2542ab2e
Merge pull request #5196 from irbekrm/fix_retry_flag_help 
Corrects the --dns01-check-retry-period flag description
 2022-06-30 13:25:03 +01:00
Mark Shields
c2f585657a fix(cmctl): typo 
Signed-off-by: Mark Shields <4237425+beejiujitsu@users.noreply.github.com>
 2022-06-16 22:14:36 -04:00
irbekrm
75b205021d Corrects the --dns01-check-retry-period flag description 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2022-06-09 12:09:39 +01:00
Luca Comellini
091549620b
Bump Go to 1.18 
Signed-off-by: Luca Comellini <luca.com@gmail.com>
 2022-06-02 15:50:13 -07:00
Monis Khan
2a33c7a5c2
Use Kubernetes CSR spec.expirationSeconds to express cert duration 
This change adds the ability to express certificate duration using
the Kubernetes CSR spec.expirationSeconds field alongside the existing
approach of using the experimental.cert-manager.io/request-duration
annotation.  Both approaches are supported as the expirationSeconds
field requires Kubernetes v1.22+.

Signed-off-by: Monis Khan <mok@vmware.com>
 2022-03-21 09:40:32 -04:00
David Bond
4a4dd03245
Switch leader election to use Lease objects 
Previously, cert-manager supported both ConfigMap & Lease objects for leader election. This commit modifies
the leader-election code to now solely use Lease objects in both the controller & ca-injector. The related
RBAC for ConfigMap resources has also been removed.

This change means that you cannot upgrade to the version containing this commit from cert-manager 1.3.

Related to #3766

Signed-off-by: David Bond <davidsbond93@gmail.com>
 2022-03-10 12:38:50 +00:00
jetstack-bot
22419602c0
Merge pull request #4897 from jahrlin/uninstall 
cmctl x uninstall
 2022-03-08 13:33:00 +00:00
Joakim Ahrlin
4f72d061c5 update uninstall description 
Signed-off-by: Joakim Ahrlin <joakim.ahrlin@gmail.com>
 2022-03-02 10:21:26 +01:00
Jake Sanders
03748831a9
Remove hardcoded cert from cmctl inspect secret unit tests 
Signed-off-by: Jake Sanders <i@am.so-aweso.me>
 2022-03-01 13:11:31 +00:00
Joakim Ahrlin
a1e3000a77 dont export options fields 
Signed-off-by: Joakim Ahrlin <joakim.ahrlin@gmail.com>
 2022-02-24 14:44:53 +01:00
Joakim Ahrlin
02485ebede goimports 
Signed-off-by: Joakim Ahrlin <joakim.ahrlin@gmail.com>
 2022-02-24 14:40:04 +01:00
Joakim Ahrlin
632a8b0476 add and update build files 
Signed-off-by: Joakim Ahrlin <joakim.ahrlin@gmail.com>
 2022-02-24 14:36:35 +01:00
Joakim Ahrlin
b92deaa4d2 add uninstall command 
Signed-off-by: Joakim Ahrlin <joakim.ahrlin@gmail.com>
 2022-02-24 14:32:05 +01:00
DiptoChakrabarty
ee069f2c45 fix comments to reduce golint issues 
Signed-off-by: DiptoChakrabarty <diptochuck123@gmail.com>
 2022-02-16 17:28:08 +05:30
jetstack-bot
4f11cc27dd
Merge pull request #4822 from JoshVanL/devel-feature-gates-parse 
Parse and distribute feature gates in devel script
 2022-02-11 13:19:01 +00:00
Jake Sanders
f225637e20
Relax the validation on the default Issuer Kind for certificate-shim 
Signed-off-by: Jake Sanders <i@am.so-aweso.me>
 2022-02-08 13:50:13 +00:00
joshvanl
0bba16e0f9 Adds empty feature set for cainjector. Parses feature gates in devel 
script, and passes them on to each component

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-07 14:39:46 +00:00
Ashley Davis
3a055cc2f5
rename all uses of github.com/jetstack/cert-manager 
This was done by running the following command twice:

 ```bash
 grep -Ri "github.com/jetstack/cert-manager" . | \
 cut -d":" -f1 | \
 sort | \
 uniq | \
 xargs sed -i
 "s/github.com\/jetstack\/cert-manager/github.com\/cert-manager\/cert-manager/"
 ```

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-02-02 09:08:31 +00:00
joshvanl
d6c34987ef Updates controller start with ControllerFactory 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-27 12:51:49 +00:00
jetstack-bot
06ed2bd0f3
Merge pull request #4763 from wallrj/4739-cmctl-x-install-default-namespace 
Make sure that cmctl x install uses the cert-manager namespace
 2022-01-21 10:13:07 +00:00
Richard Wall
3679ee8888 Apply suggestions from code review 
Co-authored-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
Co-authored-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2022-01-20 22:35:48 +00:00
Richard Wall
0f5ca4626f Make sure that cmctl x install uses the cert-manager namespace by default 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2022-01-20 13:46:32 +00:00
James Munnelly
c1a92f20b6 Fix imports 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 11:05:00 +00:00
James Munnelly
bf98c92a44 Remove ServerOption type now that webhook initialization has moved to internal package 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:56:51 +00:00
James Munnelly
708de3c580 webhook: use new admission-plugin backed validation and mutation handlers 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:56:46 +00:00