cert-manager

Author	SHA1	Message	Date
Tim Ramlot	dd4f5f4e39	fix unparam linter Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-04-30 10:47:21 +02:00
Tim Ramlot	ae98ba806b	fix gocritic linter Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-04-29 15:50:47 +02:00
Tim Ramlot	9db044b232	fix gci linter Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-04-29 13:47:25 +02:00
Youngjun	237dfd9f0d	refectoring: remove unnecessary code Signed-off-by: Youngjun <yj.yoo@okestro.com>	2024-04-22 14:24:59 +09:00
Tim Ramlot	968cefe02f	improve CertificateOwnsSecret and add tests Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-01-05 16:24:59 +01:00
Tim Ramlot	78a5032d2c	fix bug in CertificateOwnsSecret and add unit test Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-01-05 12:59:39 +01:00
Tim Ramlot	4c94f3ef10	create ad-hoc schemes instead of sharing global ones Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-11-06 21:58:24 +01:00
Tim Ramlot	c51b23497d	update the Condition Message for IncorrectCertificate Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-10-17 17:43:26 +02:00
Tim Ramlot	b6ba4ded86	add test for SecretCertificateNameAnnotationsMismatch Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-10-17 17:31:38 +02:00
Tim Ramlot	15bc387da6	make changes based on feedback Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-10-13 19:42:13 +02:00
Tim Ramlot	61bdecf68a	only sort the duplicates Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-10-11 14:05:50 +02:00
Tim Ramlot	d40dae9d67	Fix DuplicateSecretName issue Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-10-11 13:47:44 +02:00
Tim Ramlot	cf8e37291a	replace k8s.io/utils/pointer with k8s.io/utils/ptr Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-08-28 09:33:10 +02:00
Tim Ramlot	36ddf19e2e	improve Trigger, Readiness and PostIssuance Policy chains Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-07-24 09:42:19 +02:00
Tim Ramlot	bfa61c7804	add comments explaining what the label and annotation checks do Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-06-29 18:50:28 +02:00
Tim Ramlot	c16a34e0b1	use .Delete() Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-06-29 18:50:24 +02:00
Tim Ramlot	1649730a0d	Update internal/controller/certificates/policies/checks.go Co-authored-by: Richard Wall <wallrj@users.noreply.github.com> Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-06-29 12:54:20 +01:00
Tim Ramlot	a9339849e5	improve label and annotation checks Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-06-23 17:05:42 +02:00
Tim Ramlot	229f99c197	update testcase based on feedback Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-06-23 09:14:38 +02:00
Tim Ramlot	19377b43b1	fix feedback from @wallrj Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-06-21 15:31:20 +02:00
Tim Ramlot	d310d8597c	improve comments Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-06-20 16:48:56 +02:00
Tim Ramlot	22440e8710	add SecretPublicKeysDiffersFromCurrentCertificateRequest check Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-06-20 16:48:50 +02:00
Tim Ramlot	9c9e833c5a	add TODO comment that explains that we don't understand the reason for the current behaviour Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-06-14 14:51:07 +02:00
Tim Ramlot	3aa7b82e43	Update internal/controller/certificates/policies/checks.go Co-authored-by: EDDIE-DAV <136573637+EDDIE-DAV@users.noreply.github.com> Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-06-14 10:19:52 +01:00
Tim Ramlot	8ddf016b00	fix a bug that caused the issuer-ref and certificate-name annotations on Secrets to be correct when being updated. Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-06-13 16:54:32 +02:00
Tim Ramlot	e7530880ce	use Version 3 for all Certificates and Version 0 for all CertificateRequests Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-05-11 10:21:55 +02:00
Thomas Müller	12483d3d54	Check JKS/PKCS12 truststores only if issuer provides the CA The current policy check for keystores in Secrets creates a loop because the truststore.jks or truststore.p12 will never exist when the issuer didn't provide the CA certificate. This behaviour was introduced by #5597 The JKS and PKCS12 truststores are only added to the Secret if the CA is provided by the issuer. The CertificateRequest API reference states: > The PEM encoded x509 certificate of the signer, also known > as the CA (Certificate Authority). This is set on a best-effort basis by > different issuers. If not set, the CA is assumed to be unknown/not available. This change will only check the PKCS12/JKS truststores if the CA cert from the issuer exists in the secret. Fixes #5755 Signed-off-by: Thomas Müller <thomas@chaschperli.ch>	2023-04-27 17:09:41 +02:00
irbekrm	7d592a8270	Swap upstream core informers factory with out wrapper This does not actually change how the informers work. This also adds a partial metadata client to root context Signed-off-by: irbekrm <irbekrm@gmail.com>	2023-03-22 09:03:16 +00:00
Tim Ramlot	23de5240e9	move utility functions to reduce fragmentation and rename functions for consistency Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-01-23 13:19:39 +01:00
jetstack-bot	1038ca4494	Merge pull request #4502 from ctrought/master support subject and email annotations for ingress/gateway	2023-01-20 14:35:37 +00:00
irbekrm	5e8fd7dc41	Policy check ensures that cert.sepc.secretName secret gets labelled Makes sure that when an unlabelled Secret is encountered at any point (even outside issuance) it will be labelled Signed-off-by: irbekrm <irbekrm@gmail.com>	2023-01-06 18:31:31 +00:00
irbekrm	c7465fd921	Issuing controller ensures that cert.spec.secretName secrets are labelled Signed-off-by: irbekrm <irbekrm@gmail.com>	2023-01-06 18:29:51 +00:00
Sathyanarayanan Saravanamuthu	f719247d2b	Addressing review comments Signed-off-by: Sathyanarayanan Saravanamuthu <sathyanarays@vmware.com>	2022-12-06 18:54:46 +05:30
Sathyanarayanan Saravanamuthu	4a6bae60be	Update internal/controller/certificates/policies/checks.go Co-authored-by: Richard Wall <wallrj@users.noreply.github.com> Signed-off-by: Sathyanarayanan Saravanamuthu <107846526+sathyanarays@users.noreply.github.com>	2022-12-06 18:54:46 +05:30
Sathyanarayanan Saravanamuthu	42ae76ae30	Refreshing secrets when the keystore fields change Signed-off-by: Sathyanarayanan Saravanamuthu <sathyanarays@vmware.com>	2022-12-06 18:54:46 +05:30
ctrought	d9a95b7afa	remove empty subject annotations Signed-off-by: ctrought <65360454+ctrought@users.noreply.github.com>	2022-08-22 11:01:22 -04:00
ctrought	d9a8047f9c	ingress subject annotations & helper tests Signed-off-by: ctrought <65360454+ctrought@users.noreply.github.com>	2022-08-22 11:01:18 -04:00
Tim Ramlot	93caba980e	apply go fmt for go1.19 Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2022-08-04 09:51:57 +00:00
Ashley Davis	fb231ab641	Remove bazel 🎉 This removes all .bazel and .bzl files, and a bunch of scripts relating to bazel, now that it's been entirely replaced. There are still a few places where traces could be removed, but this removes the brunt of the bazel stuff that remains. Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-07-26 11:38:50 +01:00
Irbe Krumina	1d917ef311	Revert "Use Apply instead of Update to modify resources in tests" Signed-off-by: irbekrm <irbekrm@gmail.com>	2022-05-03 11:31:47 +01:00
irbekrm	58b633aa04	Code review feedback Signed-off-by: irbekrm <irbekrm@gmail.com>	2022-04-29 12:42:41 +01:00
irbekrm	54a487f1fb	certificates.Apply returns the patched certificate Signed-off-by: irbekrm <irbekrm@gmail.com>	2022-04-28 14:41:22 +01:00
joshvanl	a8bfc2fd36	Adds certificates policy checks for owner references Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-03-29 13:54:27 +01:00
joshvanl	c1c2d2d081	Add roundtrip test to Certificate serializing. Add field manager to certificates-shim Create API call Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-03-28 12:40:29 +01:00
joshvanl	82e3b6aa43	Adds apply helper function for Certificates Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-03-28 12:39:09 +01:00
joshvanl	593ea18341	Remove carrot from OWNERS file match string Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-02-11 16:18:44 +00:00
joshvanl	4dc6c957d4	Adds review comments Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-02-11 16:15:57 +00:00
joshvanl	6b3cde9327	Fix apply[_test].go package names Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-02-11 16:15:57 +00:00
joshvanl	37775615ff	Use ApplyStatus in all Certificates controllers. When ServerSideApply enabled, set Issuing condition to False instead of removing it Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-02-11 16:15:57 +00:00
joshvanl	f4f3ab22e1	Adds shared internal controller certificates apply status func Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-02-11 16:15:57 +00:00

1 2

56 Commits