weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
925 Commits 45 Branches 0 Tags 96 MiB
bfde429b8e
Commit Graph

925 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Gurvinder Singh
bfde429b8e add support CNAME for dns-01 challenge 
Domain for which certificate is asked for can have a CNAME, so we should check it.
If domain has a CNAME, create the challange TXT record in the alias domain.

This is useful in the scenario where a company like us is using some DNS provider
which is not supported dynamically. We can then create a CNAME for records like

_acme-challenge.example.com -> example.aws.hosted.com

So this will allow us getting cert for *.example.com with creating txt record in route53 for above exxample.
 2018-06-21 21:48:16 +02:00
jetstack-bot
28c52d6f02
Merge pull request #662 from munnerz/fix-issuer-spin 
issuers: Skip triggering API update if status has not changed
 2018-06-18 14:39:59 +01:00
James Munnelly
592bfc7edc issuers: Skip triggering API update if status has not changed 2018-06-18 01:55:45 +01:00
jetstack-bot
094f5465eb
Merge pull request #592 from JrCs/docker-build-flags 
Add DOCKER_BUILD_FLAGS environment variable
 2018-06-16 19:16:55 +01:00
jetstack-bot
e3bb0023f2
Merge pull request #572 from whereisaaron/patch-1 
Update the 'fullname' template to match helm 2.8.2
 2018-06-16 18:49:55 +01:00
jetstack-bot
61729fb96a
Merge pull request #637 from munnerz/selfsigned 
Add self signed Issuer type
 2018-06-15 14:31:33 +01:00
James Munnelly
e40f515fd4 Address review feedback 2018-06-15 14:06:21 +01:00
jetstack-bot
cb107f3b89
Merge pull request #652 from euank/r53-owner 
issuer/dns/route53: add myself as owner
 2018-06-14 12:32:36 +01:00
jetstack-bot
12d603f511
Merge pull request #629 from groner/check-acme-issuer-challenge-type 
Check the acme issuer has the challenge type configured.
 2018-06-14 11:54:37 +01:00
jetstack-bot
0153587455
Merge pull request #655 from jetstack/munnerz-patch-5 
Update e2e test ACME email
 2018-06-14 11:08:36 +01:00
James Munnelly
b0b7ae9c1f
Update e2e test ACME email 
Let's encrypt no longer allow use of @example.com emails for ACME accounts.

This PR switches us to use a @cert-manager.io email for the ACME account used during e2e tests, as currently the dns01 e2e tests are performed against the let's encrypt staging endpoint due to issues described in https://github.com/letsencrypt/pebble/issues/118
 2018-06-13 23:11:55 +01:00
Euan Kemp
27b5e49732 issuer/dns/route53: add myself as owner 2018-06-12 18:32:49 -07:00
jetstack-bot
df4b493b38
Merge pull request #582 from ThatWasBrilliant/master 
FindZoneByFqdn fixes from lego
 2018-06-12 16:25:41 +01:00
James Munnelly
00e558a9e7 Fix package naming 2018-06-08 17:49:26 +01:00
James Munnelly
8b2ffbd2bc Add docs on selfsigned Issuer 2018-06-08 15:48:30 +01:00
James Munnelly
0c05e15024 Run hack/update-codegen.sh 2018-06-08 15:48:30 +01:00
James Munnelly
ae37efa7b7 Add selfsigned issuer e2e test 2018-06-08 15:48:30 +01:00
James Munnelly
6cfdc62f6b Add self signed Issuer type 2018-06-08 15:48:30 +01:00
jetstack-bot
17acf81b26
Merge pull request #642 from munnerz/refactor-create 
Create common GenerateCSR and GenerateTemplate methods for creating Certificate/CertificateRequest
 2018-06-08 15:45:44 +01:00
James Munnelly
1fd8cdf13e Create common GenerateCSR and GenerateTemplate methods for creating Certificate/CertificateRequest 2018-06-08 15:15:27 +01:00
jetstack-bot
4a5fe3823e
Merge pull request #635 from munnerz/vendor-prune 
Enable vendor pruning
 2018-06-08 11:36:46 +01:00
jetstack-bot
456722ce04
Merge pull request #638 from wallrj/richardw-owners 
Add Richard Wall to OWNERS file
 2018-06-07 16:23:34 +01:00
Richard Wall
21faf290af Add Richard Wall to OWNERS file 2018-06-07 15:50:43 +01:00
James Munnelly
bea5dccec4 Run dep ensure 2018-06-07 14:25:27 +01:00
James Munnelly
4c0d58bf94 Enable vendor pruning 2018-06-07 14:24:39 +01:00
Kai Groner
b7a8c4c623 Check the acme issuer has the challenge type configured. 2018-06-06 10:19:22 -04:00
jetstack-bot
5f8e9ccf94
Merge pull request #628 from JrCs/doc-vault-issuer 
Vault issuer MUST USE the vault 'sign' endpoint
 2018-06-06 15:00:53 +01:00
JrCs
bafd0f2986 Vault issuer MUST USE the vault 'sign' endpoint 2018-06-06 13:24:15 +02:00
jetstack-bot
3cafdd9401
Merge pull request #598 from euank/log-namespaces 
issuer/acme/*: log namespaces for resources
 2018-06-06 09:52:53 +01:00
Aaron Roydhouse
fceb1840b4 Bump chart version and regeneration static manifests 2018-06-05 22:08:14 -04:00
Aaron Roydhouse
e9e3ee2e6a Update the 'fullname' template to match helm 2.8.2 
The newer 'fullname' helper function automatically avoids name duplication. This change updates the function in cert-manager to include that functionality.

Given there is generally only one cert-manager per cluster, if you install cert-manager and call it `cert-manager`:
```
helm upgrade --install cert-manager stable/cert-manager
```
You get deployments and pods called `cert-manager-cert-manager...` 

With the update  version (taken from the `helm create` template for helm 2.8.2` you instead get deployments and pods called `cert-manager`.

There is a workaround possible at the moment, but the automatic behavior is more intuitive for new users.
```
helm upgrade --install cert-manager stable/cert-manager --set=fullnameOverride=cert-manager
```
 2018-06-05 22:06:34 -04:00
jetstack-bot
c61f392163
Merge pull request #555 from paultiplady/debug/gcloud-errors 
Improve logs for CloudDNS service account errors
 2018-06-06 01:40:39 +01:00
jetstack-bot
787b8d7084
Merge pull request #623 from jetstack/munnerz-patch-4 
Update labels.yaml
 2018-06-06 01:18:39 +01:00
James Munnelly
e16c7434d7
Update labels.yaml 2018-06-06 00:55:10 +01:00
jetstack-bot
fe288c18da
Merge pull request #621 from jetstack/munnerz-patch-3 
Add note about Google Group to readme
 2018-06-06 00:53:40 +01:00
jetstack-bot
ee657637c3
Merge pull request #620 from jetstack/munnerz-patch-2 
Fix links in pull request template
 2018-06-05 23:45:40 +01:00
James Munnelly
3132fa7622
Add note about Google Group to readme 2018-06-05 23:00:59 +01:00
James Munnelly
87283aa5f6
Fix links in pull request template 2018-06-05 22:55:55 +01:00
jetstack-bot
2f69555a1f
Merge pull request #522 from fgrehm/support-for-custom-dns-settings 
Support for custom dns settings
 2018-06-05 10:48:39 +01:00
Fabio Rehm
e90fb5a261
Regenerate static deployment manifest files with ./hack/update-deploy-gen.sh 2018-06-04 16:43:41 -03:00
Fabio Rehm
52142d084f
Bump chart version to v0.3.2 2018-06-04 16:36:23 -03:00
Fabio Rehm
a923113e65
Update chart's README 2018-06-04 16:32:08 -03:00
Fabio Rehm
94310f09a2
Add support for custom DNS settings for the cert-manager pod 
This allows HTTP / DNS challenges to be self checked in AWS setups in
which both a public and private DNS zone are present for the same
domains. Without this the pod will never see the challenge that is going
to be presented to LE because they'll be added to public ingresses / DNS
zones
 2018-06-04 16:32:04 -03:00
jetstack-bot
2439c8e21e
Merge pull request #609 from SaaldjorMike/docs_fixes 
Fix references to other documentation sections.
 2018-06-02 10:51:14 +01:00
Mike Rostermund
a68b54ec3e Fix references to other documentation sections. 2018-06-02 10:31:51 +02:00
jetstack-bot
137e14e5e0
Merge pull request #585 from klausenbusk/non-root 
acmesolver: Run as non-root
 2018-05-31 11:52:09 +01:00
Euan Kemp
a09e9037de issuer/acme/http: log namespaces for resources 
It's useful to know what namespace is being operated on, so log
namespaces all over the place!
 2018-05-30 20:10:17 -07:00
Euan Kemp
09a5846412 issuer/acme/http: remove unused test code 
¯\_(ツ)_/¯
 2018-05-30 20:03:00 -07:00
Euan Kemp
36b57ba475 issuer/acme/dns: log namespace for secret errors 
If we can't find the secret, the user should probably also know what
namespace we looked in.

xref #540 for a case where this might help with debugging
 2018-05-30 20:00:21 -07:00
Euan Kemp
910a9e8859 issuer/acme/dns: remove redundant 'Error' calls 2018-05-30 19:57:44 -07:00