weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
6,343 Commits 45 Branches 0 Tags 96 MiB
c9bc776b49
Commit Graph

2692 Commits

Author SHA1 Message Date
Adphi
c9bc776b49
acme-http: fix tests 
Signed-off-by: Adphi <philippe.adrien.nousse@gmail.com>
 2022-01-06 21:37:04 +01:00
Adphi
498c496053
acme-http: fix bazel 
Signed-off-by: Adphi <philippe.adrien.nousse@gmail.com>
 2022-01-06 21:02:51 +01:00
Adphi
3375fa0609
http01: add custom nameservers support (#4286) 
Signed-off-by: Adphi <philippe.adrien.nousse@gmail.com>
 2022-01-06 21:02:46 +01:00
James Munnelly
8ff84e8b70 Re-organise and extend path loading logic to make it easier to run integration tests using Delve/GoLand 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-06 15:22:39 +00:00
jetstack-bot
97c4b7b8d3
Merge pull request #4705 from SgtCoDFish/goimports 
Three small goimports fixes against current HEAD
 2022-01-04 17:40:31 +00:00
Ashley Davis
727e29a747
three small goimports fixes against current HEAD 
rather than using the default suggested `v1` names for some imports, we
use more descriptive names

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-01-04 16:05:42 +00:00
jetstack-bot
019d64edcf
Merge pull request #4688 from irbekrm/renew_failed 
Fixes a bug where a previous failed CertificateRequest was picked up during next issuance
 2022-01-04 15:08:31 +00:00
irbekrm
0a4617e582 Fix staticcheck error 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2022-01-04 10:11:04 +00:00
irbekrm
fac6622f5e Delete CertificateRequest that failed during previous issuance if we are re-issuing for the same revision 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-12-22 14:54:55 +00:00
irbekrm
ff67b2a9a0 Ignore failed CRs for previous issuance in certificates-issuing controller 
Issuing controller should only look at 'current' CertificateRequests

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-12-22 14:51:25 +00:00
James Munnelly
5d7df17a24 pkg/webhook/authority: extract logger from context 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-12-17 18:52:26 +00:00
James Munnelly
bdb06ae55b Fix failing unit test 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-12-17 18:32:27 +00:00
James Munnelly
29c797cfb4 Run update-codegen.sh 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-12-17 18:13:44 +00:00
James Munnelly
81f22fd49c Upgrade k8s.io dependencies to v0.23.1 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-12-17 16:27:47 +00:00
Richard Wall
36c4de9881 Update import paths 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-12-16 11:11:04 +00:00
Richard Wall
17a2ec5198 update-bazel.sh 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-12-16 11:11:04 +00:00
Richard Wall
1fc14676f6 Move deprecated type definitions to the internal package 
find pkg/apis/{acme,certmanager} -mindepth 1 -maxdepth 1 -not -name v1  -type d | while read d; do v=$(basename $d); g=$(basename $(dirname $d)); git mv -k $d/*.go internal/apis/$g/$v/; done

find pkg/apis/{acme,certmanager} -mindepth 1 -maxdepth 1 -not -name v1  -type d | while read d; do v=$(basename $d); g=$(basename $(dirname $d)); git rm -rf $d/; done

Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-12-16 11:11:04 +00:00
Richard Wall
2c16d49c8c ./hack/update-bazel.sh 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-12-15 16:41:15 +00:00
Richard Wall
97125afd6e Remove typed client packages 
find pkg/client/ -type d -name v1alpha2 -o -name v1alpha3 -o -name v1beta1 | xargs git rm -r

Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-12-15 16:40:33 +00:00
Richard Wall
a21b745d01 ./hack/update-codegen.sh 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-12-15 16:30:19 +00:00
Richard Wall
4eedf4fcfd Test conversion code using sample CRDs and remove conversion configuration from cert-manager CRDs 
* Generate CRDs for the sample API types
* Allow alternative CRDs to be loaded into the envtest API server
* Override the conversion configuration of the CRDs
* Show webhook server logs in tests
* Simplify the loading of the test API CRDs
* Allow the ConversionHandler to be overridden in tests

Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-12-14 17:33:22 +00:00
jetstack-bot
5894ed989a
Merge pull request #4546 from munnerz/webhook-config-api 
Support loading webhook config from versioned file
 2021-12-14 10:09:02 +00:00
joshvanl
4d40bdcd96 Fix tests after metrics comment changes. 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-12-07 07:42:27 +00:00
joshvanl
27c43b317e Adds deprecated message to clock_time_metrics 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-12-07 07:10:27 +00:00
joshvanl
b4f2d4982b Ensure clockTimeSecondsGauge is registered. Updates metrics integration 
tests to include gauge clock metric

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-12-02 12:11:20 +00:00
joshvanl
51e728688f Adds clock_time_seconds_gauge metric which returns the current clock 
time, based on unix time since time began

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-12-02 11:27:22 +00:00
jetstack-bot
3191293cb8
Merge pull request #4637 from JoshVanL/certificats-dont-error-on-delete 
Change Certificates controller to no longer error for a Certificate that no longer exists
 2021-12-01 14:19:25 +00:00
James Munnelly
ce3f3fc1f2 Regenerate files 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-12-01 12:57:08 +00:00
James Munnelly
1a96d9f32d config.cert-manager.io -> webhook.config.cert-manager.io 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-12-01 12:57:08 +00:00
joshvanl
d5503c2ed2 Change certificates controller to no longer error for a Certificate that 
no longer exists

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-11-30 15:13:14 +00:00
jetstack-bot
ce019f059c
Merge pull request #4615 from johnwchadwick/version-check-disregard-failed-pods 
Only consider running pods when determining version
 2021-11-30 14:14:45 +00:00
James Munnelly
9fce2ba5b0 Move files to create config.webhook.cert-manager.io 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-11-26 15:15:44 +00:00
James Munnelly
71a69cc488 Add unit tests for configfile loading 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-11-26 14:12:54 +00:00
James Munnelly
48a5efea5d Fix copyright headers 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-11-26 14:12:54 +00:00
James Munnelly
0e1d603c93 Add support for reading config from WebhookConfiguration object 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-11-26 14:12:54 +00:00
James Munnelly
97863d245f Regenerate files 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-11-26 14:12:54 +00:00
James Munnelly
afa8e5a304 Refactoring webhook initialisation to support early config handling 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-11-26 14:12:54 +00:00
James Munnelly
fb81666e56 Add config.cert-manager.io API group 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-11-26 14:12:54 +00:00
John Chadwick
d094e20611 Only consider running pods when checking version 
Some clusters may have failed pods that are not garbage collected. These
pods should not be considered when determining version numbers.

Signed-off-by: John Chadwick <86682572+johnwchadwick@users.noreply.github.com>
 2021-11-23 11:32:10 -05:00
irbekrm
7739497f22 Don't process Order CRs that have failed 
Ensure that cert-manager does not attempt to create new ACME Orders for cert-manager Order CRs that are in failed (errored, invalid or expired) state. If the CertificateRequest was created from a Certificate, the issuance will be retried after 1 hour

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-11-23 15:34:35 +00:00
Krzysztof Ostrowski
e35cb361c8
add comments to satisfy linter 
Signed-off-by: Krzysztof Ostrowski <kostrows@redhat.com>
Co-authored-by: Irbe Krumina <irbekrm@gmail.com>
 2021-11-04 18:15:46 +01:00
Igor Zibarev
f9ceb8a73e Fix some lint issues regarding comments 
References issue #4457

Signed-off-by: Igor Zibarev <zibarev.i@gmail.com>
 2021-11-02 13:57:20 +03:00
Jake Sanders
486fc49545
Add fuzzing unit tests for JKS passwords 
Signed-off-by: Jake Sanders <i@am.so-aweso.me>
 2021-10-29 15:12:51 +01:00
jetstack-bot
f61d534975
Merge pull request #4550 from irbekrm/pprof 
Pprof
 2021-10-26 11:20:40 +01:00
irbekrm
7b6eeff457 Profiler address for controller can now be configured 
Ensures that pprof is configured for controller in the same way as for cainjector

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-10-26 12:20:42 +03:00
irbekrm
73a696ddb3 Pprof addr for webhook defaults to localhost 
Also whether it is enabled and the address can now be configured via commandline flags

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-10-26 12:18:32 +03:00
James Munnelly
b3159537e1 Remove unused codegen tags 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-10-21 15:43:50 +01:00
James Munnelly
e7dea9f2a2 Replace all references to pkg/internal with internal 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-10-21 12:27:04 +01:00
James Munnelly
f81703d9ab Move pkg/internal/ to internal/ 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-10-21 12:24:28 +01:00
irbekrm
598ed35e4a Uses go/crypto ListCertAlternates function to fetch alternative certificate chains 
This allows us to use upstream go/crypto again instead of our own fork

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-10-07 15:21:26 +01:00