weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
8,000 Commits 45 Branches 0 Tags 96 MiB
c70d9aba08
Commit Graph

29 Commits

Author SHA1 Message Date
Tim Ramlot
c70d9aba08
Rename DontAllowInsecureCSRUsageDefinition feature flag to DisallowInsecureCSRUsageDefinition and make it a Beta flag. 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-08-25 15:18:14 +02:00
Tim Ramlot
5ba29272c0
add validation to pki CertificateTemplate function 
and add support for add DontAllowInsecureCSRUsageDefinition featuregate
to use old behavior in controller

Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-07-05 13:04:21 +02:00
Tim Ramlot
0cf0f80b40
switch to non-deprecated functions in source code 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-05-10 19:22:49 +02:00
irbekrm
7d592a8270 Swap upstream core informers factory with out wrapper 
This does not actually change how the informers work. This also adds a partial metadata client to root context

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-03-22 09:03:16 +00:00
joshvanl
ccf579cf31 Adds extra informer for the CertificateRequest SelfSigned controller, 
so that CertificateRequets will be re-synced on informed Secrets which
are referenced with "cert-manager.io/private-key-secret-name"

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-08-09 08:39:50 +01:00
Ashley Davis
3a055cc2f5
rename all uses of github.com/jetstack/cert-manager 
This was done by running the following command twice:

 ```bash
 grep -Ri "github.com/jetstack/cert-manager" . | \
 cut -d":" -f1 | \
 sort | \
 uniq | \
 xargs sed -i
 "s/github.com\/jetstack\/cert-manager/github.com\/cert-manager\/cert-manager/"
 ```

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-02-02 09:08:31 +00:00
joshvanl
bd18c0ed86 Update CertificateRequest controllers to use new controller factory 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-27 12:51:49 +00:00
Ashley Davis
5e31fa37ff
selfsigned: warn when certs have empty issuer DNs 
as raised in#3634 - RFC 5280 states that the issuer field cannot be
empty, but this could easily happen with selfsigned certs which had
an empty subject (as the issuer matches the subject when the cert is
self signed)

this commit detects when a cert would be issued selfsigned with an
empty subject DN and emits a warning event, allowing cluster operators
to detect the warning and potentially either re-issue to generate a
compliant cert, or else accept the risk.

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2021-03-26 11:51:46 +00:00
Maartje Eyskens
ab0cd57dc5 Use The cert-manager Authors. 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-12-11 19:04:13 +01:00
Maartje Eyskens
1788a9d758 Update copyright to cert-manager project 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-12-08 19:04:49 +01:00
Richard Wall
a70298180a Run a script to update v1alpha2 usage to v1 
Script is available at https://github.com/jetstack/cert-manager/pull/3201

Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-08-20 14:26:51 +01:00
Maartje Eyskens
827ce9c5ad Revert log levels on errors 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-12 10:59:42 +02:00
Maartje Eyskens
86dee5ed41 Set error log levels 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-12 10:59:41 +02:00
Maartje Eyskens
fecd0b3518 Set all log levels for info 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-12 10:59:41 +02:00
James Munnelly
6caa4c451d Rename CRPrivateKeyAnnotationKey -> CertificateRequestPrivateKeyAnnotationKey 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-06-26 14:47:27 +01:00
srBraun
04bfddefc3 adds support for CDP to selfsigned issuer 
Signed-off-by: srBraun <dev@skra.space>
 2020-03-02 12:40:46 +01:00
James Munnelly
58754abf37 Refactor codebase for v1alpha2 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-09-20 16:22:43 +01:00
James Munnelly
6052e0558e Refactor base controller and allow Running additional informers 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2019-08-21 13:22:57 +01:00
JoshVanL
ebf38dbfbb Refactor and cleans up SelfSigned CR controller tests 
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
 2019-08-14 22:24:14 +01:00
JoshVanL
0eb4ef385b Change CR reporter to be a long lived struct 
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
 2019-08-13 11:36:53 +01:00
JoshVanL
0361a83c20 Fix reporter not setting correct conditions 
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
 2019-08-13 10:02:53 +01:00
JoshVanL
233afd2f94 Remove fake in CR controller and fail hard for no annotations for 
selfsigned

Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
 2019-08-02 12:36:01 +01:00
JoshVanL
6bd9de1253 Have CR selfsigned to use reporter 
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
 2019-08-01 17:01:39 +01:00
JoshVanL
46fd159f81 Register self signed CR controller 
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
 2019-08-01 16:39:01 +01:00
JoshVanL
97f2183a16 Adds fake secrets lister to simulate network failure 
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
 2019-08-01 16:39:01 +01:00
JoshVanL
6d3416325e Move tests to use new slimmer controller test builder 
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
 2019-08-01 16:39:01 +01:00
JoshVanL
d98a6dc9d6 Adds events checks to SelfSigned sign unit tests 
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
 2019-08-01 16:39:01 +01:00
JoshVanL
f26ea8dfb6 Adds selfsigned certificaterequest e2e tests 
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
 2019-08-01 16:39:01 +01:00
JoshVanL
0ce8aab9d2 Adds SelfSigned certificaterequest controller 
Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
 2019-08-01 16:39:01 +01:00