cert-manager

Author	SHA1	Message	Date
Luca Comellini	1bfc131e6a	Bump sigs.k8s.io/controller-tools to v0.12.0 Signed-off-by: Luca Comellini <luca.com@gmail.com>	2023-05-05 16:32:25 +01:00
Tobo Atchou	ee638a91ff	cert-manager-webhook to provide logs when handling request Signed-off-by: Tobo Atchou <tobo.atchou@gmail.com>	2023-04-22 10:41:44 +02:00
Tim Ramlot	415da885a1	remove ioutil Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-04-07 11:19:52 +02:00
Luca Comellini	0f64e055ae	Bump k8s.io dependencies Signed-off-by: Luca Comellini <luca.com@gmail.com>	2023-03-10 14:55:26 -08:00
Luca Comellini	dbd6dc9b16	Bump sigs.k8s.io deps Signed-off-by: Luca Comellini <luca.com@gmail.com>	2022-12-21 09:47:41 -08:00
Tim Ramlot	39fa9f51b4	upgrade dependencies Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2022-09-26 11:43:12 +02:00
Tim Ramlot	93caba980e	apply go fmt for go1.19 Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2022-08-04 09:51:57 +00:00
Ashley Davis	fb231ab641	Remove bazel 🎉 This removes all .bazel and .bzl files, and a bunch of scripts relating to bazel, now that it's been entirely replaced. There are still a few places where traces could be removed, but this removes the brunt of the bazel stuff that remains. Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-07-26 11:38:50 +01:00
Ashley Davis	eccde015ac	add CRD generation to makefile, replacing bazel - includes a run of make update-crds which causes some trivial changes - updates version of YQ to latest - makes hack/update-crds.sh just call make - makes hack/verify-crds.sh just call make - moves functionality of hack/verify-crds.sh to hack/check-crds.sh, using the makefile for generating alternative CRDs for comparison - removes the bazel test associated with CRDs Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-06-27 13:25:18 +01:00
Luca Comellini	091549620b	Bump Go to 1.18 Signed-off-by: Luca Comellini <luca.com@gmail.com>	2022-06-02 15:50:13 -07:00
Cody W. Eilar	2da5974fb4	Improve logging output for webhook cert renewal - Make "cert-manager certificate" explicit in log output - Include DNSNames for context Signed-off-by: Cody W. Eilar <ecody@vmware.com>	2022-05-24 12:48:45 -07:00
Ashley Davis	6420aa4bfa	fix imports in a few files this is according to our policy on organizing imports, see: https://cert-manager.io/docs/contributing/coding-conventions/#organizing-imports Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-02-18 17:42:45 +00:00
Ashley Davis	3a055cc2f5	rename all uses of github.com/jetstack/cert-manager This was done by running the following command twice: ```bash grep -Ri "github.com/jetstack/cert-manager" . \| \ cut -d":" -f1 \| \ sort \| \ uniq \| \ xargs sed -i "s/github.com\/jetstack\/cert-manager/github.com\/cert-manager\/cert-manager/" ``` Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-02-02 09:08:31 +00:00
James Munnelly	787ff34e38	Add copyright attribution Signed-off-by: James Munnelly <jmunnelly@apple.com>	2022-01-20 11:07:49 +00:00
James Munnelly	fa61625d5f	Regenerate test CRDs Signed-off-by: James Munnelly <jmunnelly@apple.com>	2022-01-20 10:56:51 +00:00
James Munnelly	65b8994330	Avoid defaulting objects before validation Signed-off-by: James Munnelly <jmunnelly@apple.com>	2022-01-20 10:56:51 +00:00
James Munnelly	0bba671152	Ensure defaulting is applied in the correct API version during mutation Signed-off-by: James Munnelly <jmunnelly@apple.com>	2022-01-20 10:56:50 +00:00
James Munnelly	07a0171e98	Use regular discovery client instead of cache Signed-off-by: James Munnelly <jmunnelly@apple.com>	2022-01-20 10:56:50 +00:00
James Munnelly	e13c879681	Remove old handlers & admission plugins Signed-off-by: James Munnelly <jmunnelly@apple.com>	2022-01-20 10:56:50 +00:00
James Munnelly	708de3c580	webhook: use new admission-plugin backed validation and mutation handlers Signed-off-by: James Munnelly <jmunnelly@apple.com>	2022-01-20 10:56:46 +00:00
James Munnelly	572aecd48d	Add webhook admission package to implement admission control in a clearer manner Signed-off-by: James Munnelly <jmunnelly@apple.com>	2022-01-20 10:54:18 +00:00
James Munnelly	5d7df17a24	pkg/webhook/authority: extract logger from context Signed-off-by: James Munnelly <jmunnelly@apple.com>	2021-12-17 18:52:26 +00:00
James Munnelly	bdb06ae55b	Fix failing unit test Signed-off-by: James Munnelly <jmunnelly@apple.com>	2021-12-17 18:32:27 +00:00
James Munnelly	81f22fd49c	Upgrade k8s.io dependencies to v0.23.1 Signed-off-by: James Munnelly <jmunnelly@apple.com>	2021-12-17 16:27:47 +00:00
Richard Wall	4eedf4fcfd	Test conversion code using sample CRDs and remove conversion configuration from cert-manager CRDs * Generate CRDs for the sample API types * Allow alternative CRDs to be loaded into the envtest API server * Override the conversion configuration of the CRDs * Show webhook server logs in tests * Simplify the loading of the test API CRDs * Allow the ConversionHandler to be overridden in tests Signed-off-by: Richard Wall <richard.wall@jetstack.io>	2021-12-14 17:33:22 +00:00
James Munnelly	1a96d9f32d	config.cert-manager.io -> webhook.config.cert-manager.io Signed-off-by: James Munnelly <jmunnelly@apple.com>	2021-12-01 12:57:08 +00:00
James Munnelly	71a69cc488	Add unit tests for configfile loading Signed-off-by: James Munnelly <jmunnelly@apple.com>	2021-11-26 14:12:54 +00:00
James Munnelly	0e1d603c93	Add support for reading config from WebhookConfiguration object Signed-off-by: James Munnelly <jmunnelly@apple.com>	2021-11-26 14:12:54 +00:00
jetstack-bot	f61d534975	Merge pull request #4550 from irbekrm/pprof Pprof	2021-10-26 11:20:40 +01:00
irbekrm	73a696ddb3	Pprof addr for webhook defaults to localhost Also whether it is enabled and the address can now be configured via commandline flags Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-10-26 12:18:32 +03:00
James Munnelly	e7dea9f2a2	Replace all references to pkg/internal with internal Signed-off-by: James Munnelly <jmunnelly@apple.com>	2021-10-21 12:27:04 +01:00
irbekrm	cb6a746726	Runs ./hack/update-all.sh New format of Go build tags gets added Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-09-30 10:08:19 +01:00
Eng Zer Jun	54e70d2cc4	refactor: move from io/ioutil to io and os package The io/ioutil package has been deprecated in Go 1.16. This commit replaces the existing io/ioutil functions with their new definitions in io and os packages. Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>	2021-08-23 19:50:42 +08:00
Ashley Davis	68f5ceb3b4	Fix manually specified Certificate and CertificateRequest versions Basically all modern X.509 certs are version 3, but confusingly to specify "version 3" in an encoded cert, the version number is actually 2. For PKCS#10 CSRs, the only valid version is 1, which again confusingly has the value "0" when encoded. This was incorrect in many places, including one place in which the version number on a CSR was used as a certificate's version number, when the two are entirely unrelated. Go ignores these values, so there's no functional changes here; still, it's better to be accurate. Go ignoring CSR version and specifying 0: https://cs.opensource.google/go/go/+/refs/tags/go1.17:src/crypto/x509/x509.go;l=1958 Go ignoring Certificate version and specifying 2: https://cs.opensource.google/go/go/+/refs/tags/go1.17:src/crypto/x509/x509.go;l=1534 PKCS#10 CSR specification in RFC 2986 section 4.1: https://datatracker.ietf.org/doc/html/rfc2986#section-4 X.509 Cert specification in RFC 5280 section 4.1.2.1: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.1 Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2021-08-19 14:48:12 +01:00
Inteon	91ec4c773a	use correct contexts everywhere & don't restart apiserver to add crds Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>	2021-08-12 20:05:01 +02:00
Inteon	abc39053b2	resolve .Stop() failures Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>	2021-08-07 10:19:07 +02:00
jetstack-bot	b04e42c437	Merge pull request #4253 from JoshVanL/apiextensions-v1beta1-v1 Conversion: Apiextensions v1beta1 -> v1	2021-07-30 15:49:49 +01:00
joshvanl	8470ba96f0	Change webhook admission/mutation to no longer understand and reject anything which is not v1 (remove v1beta1) Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-07-29 11:10:24 +01:00
joshvanl	be2ad9ed15	Update sample ACME webhook to use apiextensions v1beta1 -> v1 Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-07-26 17:04:35 +01:00
joshvanl	5762b5706e	Update Conversion webhook to no longer understand v1beta1, only v1 Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-07-26 17:02:18 +01:00
Inteon	632459c6d9	resolve bug & cleanup Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>	2021-07-23 15:41:24 +02:00
Inteon	81e216eeba	wait for goroutines to end before exiting Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>	2021-07-23 15:30:26 +02:00
Ashley Davis	333af8fd94	further static check fixes pkg/internal/apis/certmanager/validation/certificate_for_issuer_test.go:34:2 deadcode `defaultTestCrtName` is unused pkg/issuer/acme/dns/rfc2136/provider_test.go:42:23 errcheck Error return value of `server.Shutdown` is not checked pkg/issuer/acme/dns/rfc2136/provider_test.go:77:23 errcheck Error return value of `server.Shutdown` is not checked pkg/issuer/vault/setup.go:37:2 deadcode `messageVaultHealthCheckFailed` is unused pkg/issuer/venafi/client/request.go:143:5 gosimple S1023: redundant break statement pkg/logs/logs.go:68:8 errcheck Error return value of `fs.Set` is not checked the following fixes introduce a panic when the returned error is non-nil, which could be a breaking change but was deemed to be worth it pkg/webhook/server/server.go:58:30 errcheck Error return value is not checked pkg/webhook/server/server.go:59:25 errcheck Error return value is not checked Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2021-05-21 12:04:05 +01:00
Tamal Saha	2609aa51e1	Use gomodules.xyz/jsonpatch instead of mattbaird/jsonpatch Signed-off-by: Tamal Saha <tamal@appscode.com>	2021-05-17 13:05:19 -07:00
jetstack-bot	bd817cce0a	Merge pull request #3936 from irbekrm/webhook_warnings Webhook warnings	2021-05-11 13:43:53 +01:00
jetstack-bot	3434c78188	Merge pull request #3960 from wallrj/538-lint-fixes-richardw Fix some linting errors	2021-05-07 11:50:34 +01:00
Jake Sanders	98c3b56e43	close stopch in failure cases Signed-off-by: Jake Sanders <i@am.so-aweso.me>	2021-05-06 12:18:56 +01:00
Jake Sanders	eab7c954a2	Use %v to log errors Signed-off-by: Jake Sanders <i@am.so-aweso.me>	2021-05-05 16:28:46 +01:00
Jake Sanders	03cc4dc24d	Update bazel Signed-off-by: Jake Sanders <i@am.so-aweso.me>	2021-05-04 15:24:12 +01:00
Jake Sanders	e01d96381c	errheck: Error return value of `source.Run` is not checked Signed-off-by: Jake Sanders <i@am.so-aweso.me>	2021-05-04 14:45:45 +01:00

1 2 3

133 Commits