weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
8,759 Commits 45 Branches 0 Tags 96 MiB
cd2d71f670
Commit Graph

106 Commits

Author SHA1 Message Date
Tim Ramlot
dd4f5f4e39
fix unparam linter 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2024-04-30 10:47:21 +02:00
Tim Ramlot
d6404482e3
fix loggercheck linter 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2024-04-29 16:48:59 +02:00
Tim Ramlot
085136068a
fix misspell linter 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2024-04-29 15:21:07 +02:00
Tim Ramlot
0ed660873e
fix incorrect comments and error messages 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2024-02-16 19:49:28 +01:00
Tim Ramlot
672aad41bf
don't call ListCertAlternates if default chain matches the preferred chain 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2024-02-16 15:23:22 +01:00
Sam Lee
94509d0490
changed term 'alt' to 'preferred' 
Signed-off-by: Sam Lee <me@shibuya-rin.moe>
 2024-02-13 22:12:53 +09:00
Sam Lee
b9ac41726c
make getAltCertChain checks only topmost certificate 
Signed-off-by: Sam Lee <me@shibuya-rin.moe>
 2024-02-13 19:10:16 +09:00
Sam Lee
811cc7908e
fix getAltCertChain not considering primary chain as candidate 
Signed-off-by: Sam Lee <me@shibuya-rin.moe>
 2024-02-13 19:10:16 +09:00
Richard Wall
036e3a8e74 Replace all uses of sets.String with the generic sets.Set 
Signed-off-by: Richard Wall <richard.wall@venafi.com>
 2024-01-02 17:24:38 +00:00
guiyong.ou
3d76c20f51 cleanup: some redundant code clean up 
Signed-off-by: guiyong.ou <guiyong.ou@daocloud.io>
 2023-08-14 17:36:25 +08:00
irbekrm
dba18119aa Ensures that key for an ACME challenge is only retrieved from the ACME server once 
Thus reducing the number of HTTP01ChallengeResponse/DNS01ChallengeResponse calls

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-04-05 16:28:14 +01:00
irbekrm
202d75ffe6 Updates code comment 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-04-05 16:28:14 +01:00
irbekrm
0964d6d03d Removes extra GET calls for ACME order resource 
In cases where a synced Order does not require any processing from this controller

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-04-05 16:28:14 +01:00
joshvanl
0802489f4e Updates Order controller to support apply call when feature gate it 
enabled

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-16 10:33:48 +00:00
Ashley Davis
3a055cc2f5
rename all uses of github.com/jetstack/cert-manager 
This was done by running the following command twice:

 ```bash
 grep -Ri "github.com/jetstack/cert-manager" . | \
 cut -d":" -f1 | \
 sort | \
 uniq | \
 xargs sed -i
 "s/github.com\/jetstack\/cert-manager/github.com\/cert-manager\/cert-manager/"
 ```

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-02-02 09:08:31 +00:00
irbekrm
e7cc37ef71 Code review feedback 
Signed-off-by: irbekrm <irbekrm@gmail.com>

Co-authored-by: Maël Valais <mael@vls.dev>
 2022-01-11 18:09:44 +00:00
irbekrm
24866544b8 Ensures that if alternate cert chain is specified, it is retrieved 
Ensures that if the cert is retrieved in a reconcile following the one that finalized the ACME order, the alternate cert chain is still respected, if specified by user

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2022-01-11 10:51:14 +00:00
irbekrm
de8aa2583e Ensures that ACME orders controller does not create new order if it failed to update old order's status to valid 
Check the status of the ACME order if finalizing order failed to catch edge cases where the order is already finalized, but the updating of Order CR's status has failed

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2022-01-11 10:51:14 +00:00
irbekrm
4aee0a4acd Reduce a few calls to ACME server 
Ensure that when updating cert-manager Order CR's status from an existing ACME Order only one call will be made to retrieve the ACME Order

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-11-26 16:31:27 +00:00
irbekrm
e66c6a04d4 Fixes a typo in finalizeOrders 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-11-26 16:30:25 +00:00
irbekrm
7739497f22 Don't process Order CRs that have failed 
Ensure that cert-manager does not attempt to create new ACME Orders for cert-manager Order CRs that are in failed (errored, invalid or expired) state. If the CertificateRequest was created from a Certificate, the issuance will be retried after 1 hour

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-11-23 15:34:35 +00:00
irbekrm
598ed35e4a Uses go/crypto ListCertAlternates function to fetch alternative certificate chains 
This allows us to use upstream go/crypto again instead of our own fork

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-10-07 15:21:26 +01:00
irbekrm
06f6b46f30 Implements feedback from code review 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-05-19 13:20:05 +01:00
irbekrm
bbfd2294f9 Integration test for ACME Orders controller 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-05-19 13:11:48 +01:00
irbekrm
1e235c79f2 Re-queue Order with finalized Challenges, but pending state 
To avoid stuck Orders in case of a misbehaving ACME server

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-05-19 13:05:44 +01:00
jetstack-bot
06b68d35e0
Merge pull request #3835 from RinkiyaKeDad/3620_constants_in_eventf 
chore: used constants for string literals when recording new events
 2021-04-13 15:14:11 +01:00
RinkiyaKeDad
0b87eeae97 added reason prefix for all 
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
 2021-04-13 16:40:56 +05:30
RinkiyaKeDad
bba7c1011d added prefix and made constants public 
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
 2021-04-08 12:17:15 +05:30
RinkiyaKeDad
ab912ef120 chore: added constants for non repeating ones also 
Signed-off-by: RinkiyaKeDad <arshsharma461@gmail.com>
 2021-04-01 15:46:54 +05:30
joshvanl
18ae2295f9 Pass context through to client calls in controllers and acme issuer 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-31 20:34:12 +01:00
Salman
572bfb9111 Replace reflect.DeepEqual with semantic equality check 
Signed-off-by: salmanahmed404 <salmanahmed404@gmail.com>
 2021-03-27 12:49:14 +05:30
Maartje Eyskens
ab0cd57dc5 Use The cert-manager Authors. 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-12-11 19:04:13 +01:00
Maartje Eyskens
1788a9d758 Update copyright to cert-manager project 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-12-08 19:04:49 +01:00
Maartje Eyskens
04d88479e4 Pass duration on until ACME order creation 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-11-20 09:46:49 +01:00
Maartje Eyskens
7b6573aa35 Add duration into ACME 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-11-20 09:45:32 +01:00
Mateusz Gozdek
27fa2f1ec4
Fix various typos found by codespell 
Found by running this command:

codespell -S .git,*.png,go.sum -L keypair,iam,ans,unknwon,tage,ths,creater

Signed-off-by: Mateusz Gozdek <mgozdekof@gmail.com>
 2020-11-07 14:55:13 +01:00
Maartje Eyskens
39de7f3b99 Fix IP type 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-10-08 15:24:56 +02:00
Maartje Eyskens
b3e25815a5 Add support for IPs in ACME 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-10-08 15:24:56 +02:00
Maartje Eyskens
90d6a54151 Add support for alternate certs with PrefferedChain in ACME 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-21 17:56:26 +02:00
Richard Wall
821d824cc2 Revert renaming of CSR > Request in comments and in error messages 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-08-20 14:28:07 +01:00
Richard Wall
a70298180a Run a script to update v1alpha2 usage to v1 
Script is available at https://github.com/jetstack/cert-manager/pull/3201

Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-08-20 14:26:51 +01:00
Maartje Eyskens
3259fdfe9b Implement feedback 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-12 10:59:42 +02:00
Maartje Eyskens
827ce9c5ad Revert log levels on errors 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-12 10:59:42 +02:00
Maartje Eyskens
86dee5ed41 Set error log levels 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-12 10:59:41 +02:00
Maartje Eyskens
fecd0b3518 Set all log levels for info 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-12 10:59:41 +02:00
James Munnelly
09d5121713 Update acmeorders controller for new field type 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-07-06 16:25:46 +01:00
JoshVanL
92eb8d0957
Refactor controllers to use new instrumented metrics that's baked into 
all controllers

Signed-off-by: JoshVanL <vleeuwenjoshua@gmail.com>
 2020-05-18 17:43:56 +01:00
James Munnelly
b126a0c0e5 Use acme AccountRegistry throughout and tidy up ACME setup code 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-05-13 13:14:46 +01:00
James Munnelly
982b21bb06 Fix bug that could lead to validation to fail when attempting to update immutable field 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-05-01 12:33:14 +01:00
James Munnelly
3e8649abc2 Handle ACME orders with already valid authorizations upon first fetch through new 'initialState' field 
Signed-off-by: James Munnelly <james@munnelly.eu>
 2020-05-01 12:33:14 +01:00