Commit Graph

367 Commits

Author SHA1 Message Date
James Munnelly
c1bd9c4a2e Add missing call to retryOrder in existing order value for private key check
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-10-15 23:02:17 +01:00
James Munnelly
965757cce0 Retry order if existing Order certificate is invalid
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-10-15 23:02:17 +01:00
James Munnelly
403a746bfa Always reset LastFailureTime in retryOrder
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-10-15 23:02:17 +01:00
James Munnelly
87a479e6cb Add extra comments in ACME Issuer function
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-10-15 23:02:17 +01:00
James Munnelly
f553f8e8a4 Move existing order checking into own function
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-10-15 23:02:17 +01:00
James Munnelly
f2551d3832 Reorder checking for existingOrder
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-10-15 23:02:17 +01:00
James Munnelly
e4399e87c5 Move private key generation to start of Issue
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-10-15 23:02:17 +01:00
James Munnelly
536b6fd76f Refactor ACME issuer generate private key code
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-10-15 23:02:17 +01:00
James Munnelly
374db0b458 Refactor ACME issuer cleanup orders code
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-10-15 23:02:17 +01:00
James Munnelly
84978d88d8 Add extra comments to acme and pki package
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-10-13 21:05:18 +01:00
jetstack-bot
54d8ef7e8a
Merge pull request #911 from vdesjardins/vault-ca-bundle
vault ca bundle support
2018-10-12 15:06:39 +01:00
James Munnelly
039a086f58 run //hack:update-bazel
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-10-12 12:40:40 +01:00
James Munnelly
a98415fec7 Fix up test cases after rebase
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-10-12 12:40:39 +01:00
James Munnelly
eadbbc85c5 Add missing boilerplate headers
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-10-12 12:40:39 +01:00
James Munnelly
d323a1df0d Add unit tests for acmeorders and acmechallenges
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-10-12 12:40:39 +01:00
James Munnelly
9214615d6e Fix race issues in ACME issue function. Add extended unit tests.
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-10-12 12:40:39 +01:00
James Munnelly
ad99639b44 Fix failing test
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-10-12 12:40:38 +01:00
James Munnelly
847d0c6152 Refactor controllers to return Response structures
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-10-12 12:40:38 +01:00
James Munnelly
1f6013e39b Add unit tests for ACME Prepare function
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-10-12 12:40:38 +01:00
James Munnelly
80e0085b5a Remove old issuer check in Prepare function
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-10-12 12:40:38 +01:00
James Munnelly
d316ea6fb9 Add support for backing-off creating orders after failure
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-10-12 12:40:38 +01:00
James Munnelly
5482ece3f5 Update unit test framework to support actions and required reactors
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-10-12 12:40:38 +01:00
James Munnelly
65487e1d2b Update ACME HTTP solver to use Challenge resources
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-10-12 12:40:37 +01:00
James Munnelly
2b663eb9a9 Update ACME DNS solver to use Challenge resources
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-10-12 12:40:37 +01:00
James Munnelly
f8b1e653f3 Refactor ACME Issuer to create and manage Order resources
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-10-12 12:40:37 +01:00
Vincent Desjardins
7b01a8aa0d update code review #2
Signed-off-by: Vincent Desjardins <vdesjardins@gmail.com>
2018-10-11 02:19:55 +00:00
Vincent Desjardins
92ac7a7c08 code review updates
Signed-off-by: Vincent Desjardins <vdesjardins@gmail.com>
2018-10-11 01:22:05 +00:00
Vincent Desjardins
7c1ff275f0 vault ca bundle support
Signed-off-by: Vincent Desjardins <vdesjardins@gmail.com>
2018-10-11 01:22:05 +00:00
jetstack-bot
620395511a
Merge pull request #924 from arnoldbechtoldt/useClusterIPsvc
Make http01 solver serviceType configurable
2018-10-10 13:42:11 +01:00
jetstack-bot
5ea95b6cc1
Merge pull request #923 from arnoldbechtoldt/issue892
make http01 solver pod resource request/limits configurable, refs #892
2018-10-10 13:06:11 +01:00
Arnold Bechtoldt
1587741820 rename setting and update docs regarding solver service type
Signed-off-by: Arnold Bechtoldt <arnold.bechtoldt@inovex.de>
2018-10-08 15:24:17 +02:00
jetstack-bot
912c7672bd
Merge pull request #848 from Queuecumber/ca-nginx
Include CA Certificate In Secrets
2018-10-08 13:04:37 +01:00
Arnold Bechtoldt
d261e1f3f1 make serviceType configurable, fixes #928
Signed-off-by: Arnold Bechtoldt <arnold.bechtoldt@inovex.de>
2018-10-08 10:55:56 +02:00
Arnold Bechtoldt
845eb7f57c make http01 solver pod resource request/limits configurable, refs #892
Signed-off-by: Arnold Bechtoldt <arnold.bechtoldt@inovex.de>
2018-09-26 14:39:06 +02:00
splashx
4e9af51629
fix rfc2136 provider missing port error, plumb dnsNameserver01
Signed-off-by: splashx <splash@gmail.com>
2018-09-17 17:38:09 +02:00
Max Ehrlich
5eaf89ba4a
Simplify getting the ca cert bytes from the ca chain
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
2018-09-15 17:41:17 -04:00
Max Ehrlich
f81f499d3d
Rerun gofmt
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
2018-09-15 17:18:40 -04:00
Max Ehrlich
06fb0cefc7
Manually generate pem from cachain field since the vault api does not expose it
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
2018-09-15 17:06:41 -04:00
Max Ehrlich
d63fbbab49
Fix go-fmt
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
2018-09-13 18:54:30 -04:00
Max Ehrlich
48653e07f9
Return CA for vault certs, this uses the issuing_ca field from the vault api response, see (https://www.vaultproject.io/api/secret/pki/index.html#sign-certificate) for details
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
2018-09-13 18:47:44 -04:00
Max Ehrlich
25e86d5588
For now, the vault issuer will also not store its CA certificate
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
2018-09-13 17:07:15 -04:00
Max Ehrlich
213d5ec6b5
Self-signed issuers return a copy of the same certificate that was issued as the CA
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
2018-09-13 17:07:14 -04:00
Max Ehrlich
511650ca82
ACME issuers currently will not support getting the CA certificate
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
2018-09-13 17:07:14 -04:00
Max Ehrlich
58efbc068c
Update CA issuer to return the CA cert pem
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
2018-09-13 17:07:14 -04:00
Max Ehrlich
280382e6ce
Issue and renew should now return the bytes of the CA certificate that was used to issue the certs. This should be set to nil if not applicable
Signed-off-by: Max Ehrlich <max.ehr@gmail.com>
2018-09-13 17:07:14 -04:00
James Munnelly
48ecee9cfb run //hack:update-gofmt
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-09-13 11:25:04 +01:00
James Munnelly
db65d6a170 run //hack:update-bazel
Signed-off-by: James Munnelly <james@munnelly.eu>
2018-09-13 11:24:48 +01:00
jetstack-bot
feb589feb5
Merge pull request #661 from splashx/master
[ACME] Add RFC2136 DNS Provider (2nd attempt)
2018-09-12 09:11:48 +01:00
Evan Anderson
265c9610ff Add an error check for AzureDNS failure to create a solver.
Add documentation comments for public methods (caught by 'go lint').

Signed-off-by: Evan Anderson <evan.k.anderson@gmail.com>
2018-09-11 01:20:44 -07:00
splashx
3761c6c3a4
fix panic, wrong logic
Signed-off-by: splashx <splash@gmail.com>
2018-09-10 21:40:40 +02:00