cert-manager

Author	SHA1	Message	Date
Tim Ramlot	3d406a087b	add Make target for trivy startupapicheck image scan Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-01-31 11:25:02 +01:00
Tim Ramlot	2bef9d35b6	remove remaining references to cmctl, which was moved to https://github.com/cert-manager/cmctl Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-01-30 14:56:05 +01:00
Tim Ramlot	1ac2c17361	remove all versionchecker makefile logic Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-01-29 11:50:09 +01:00
Richard Wall	fb31ee925b	make update-kind-images Signed-off-by: Richard Wall <richard.wall@venafi.com>	2024-01-26 17:18:41 +00:00
Richard Wall	329124a47c	Parse the kind release notes for compatible kindest/node images Signed-off-by: Richard Wall <richard.wall@venafi.com>	2024-01-26 17:18:24 +00:00
Richard Wall	b620953688	./hack/latest-kind-images.sh Signed-off-by: Richard Wall <richard.wall@venafi.com>	2024-01-26 11:08:29 +00:00
Richard Wall	de8e9b07b3	Remove KIND_IMAGE_FULL_ variables and use KIND_IMAGE_K8S_ instead Simplifies the latest-kind-images.sh script and the kind-images.sh variables. Signed-off-by: Richard Wall <richard.wall@venafi.com>	2024-01-26 11:08:29 +00:00
Tim Ramlot	7b94868513	remove cmctl from this repo Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-01-24 16:15:34 +01:00
Ashley Davis	bd7e4f00a0	no-op: add GOEXPERIMENT var Signed-off-by: Ashley Davis <ashley.davis@venafi.com>	2024-01-19 10:20:38 +00:00
Richard Wall	b72010e98f	Add 1.29 to the cluster.sh script Signed-off-by: Richard Wall <richard.wall@venafi.com>	2024-01-16 15:09:46 +00:00
Richard Wall	6d70b75ade	./hack/latest-kind-images.sh Signed-off-by: Richard Wall <richard.wall@venafi.com>	2024-01-16 13:20:29 +00:00
Richard Wall	0f30a69e48	./hack/latest-kind-images.sh Signed-off-by: Richard Wall <richard.wall@venafi.com>	2024-01-16 13:16:17 +00:00
Adam Talbot	a362c742c5	docs: dont wrap reference urls in code blocks Signed-off-by: Adam Talbot <adam.talbot@venafi.com>	2024-01-16 08:38:15 +00:00
Adam Talbot	af4685c595	feat: update chart README using autogenerated docs Signed-off-by: Adam Talbot <adam.talbot@venafi.com>	2024-01-15 10:25:23 +00:00
Ashley Davis	dbf80f6aff	bump go to latest version Signed-off-by: Ashley Davis <ashley.davis@venafi.com>	2024-01-11 16:17:51 +00:00
jetstack-bot	18f4440a3c	Merge pull request #6609 from wallrj/6597-publish-startupapicheck Add startupapicheck image to the server bundle of `make release`	2024-01-09 11:01:29 +00:00
Richard Wall	5f719ec7d9	Add startupapicheck image to the server bundle of `make release` Signed-off-by: Richard Wall <richard.wall@venafi.com>	2024-01-05 11:36:49 +00:00
Tim Ramlot	1750ff06ba	don't extract vendored go in downloaded folder Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-01-04 16:40:56 +01:00
Tim Ramlot	41404a7fd7	rename UseCertificateRequestNameConstraints to NameConstraints Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-01-03 15:49:18 +01:00
jetstack-bot	cc8925ae9f	Merge pull request #6404 from SpectralHiss/hef/otherNameSANs Other name sans support in Certificates	2024-01-03 14:16:23 +00:00
SpectralHiss	7350863d8a	Add order agnostic matcher for SANs * This is to ensure Vault conformance passes since it outputs SANs in different order to other issuers * Matcher was tested manually only we will add tests to it in future Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>	2024-01-03 09:13:11 +00:00
Ashley Davis	b3b14fda41	add separate startupapicheck binary Signed-off-by: Ashley Davis <ashley.davis@venafi.com>	2024-01-02 17:17:50 +00:00
Tim Ramlot	4f848bf2ee	upgrade base image from debian11 to debian12 Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2024-01-02 13:26:21 +01:00
Adam Talbot	247a034116	feat: update gateway api to v1 Signed-off-by: Adam Talbot <adam.talbot@venafi.com>	2023-12-18 21:00:42 +00:00
Ashley Davis	dd61635f3b	add target + installation for golangci-lint This lets users locally run the same commands that are run in CI Signed-off-by: Ashley Davis <ashley.davis@venafi.com>	2023-12-13 19:58:01 +00:00
SpectralHiss	4bdee5f010	Rename otherNameSANs to otherNames * Improve the CRD godoc comments Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>	2023-12-13 16:21:56 +00:00
Tim Ramlot	7b7912022a	Add feature gate Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-12-13 09:16:06 +00:00
jetstack-bot	8da699a735	Merge pull request #6542 from tanujd11/fix/name-constraints-csr-structure fix: structure of nameconstraint in CSR	2023-12-12 16:07:16 +00:00
Richard Wall	f3a91ac8aa	Bump Go to 1.21.5 - go1.21.4 (released 2023-11-07) includes security fixes to the path/filepath package, as well as bug fixes to the linker, the runtime, the compiler, and the go/types, net/http, and runtime/cgo packages. - go1.21.5 (released 2023-12-05) includes security fixes to the go command, and the net/http and path/filepath packages, as well as bug fixes to the compiler, the go command, the runtime, and the crypto/rand, net, os, and syscall packages. Signed-off-by: Richard Wall <richard.wall@venafi.com>	2023-12-11 17:27:09 +00:00
tanujd11	bc75f8488d	fix: structure of nameconstraint in CSR Signed-off-by: tanujd11 <dwiveditanuj41@gmail.com>	2023-12-11 18:00:15 +05:30
tanujd11	8d362439a8	fix UTs Signed-off-by: tanujd11 <dwiveditanuj41@gmail.com>	2023-12-07 22:30:31 +05:30
tanujd11	50d84c1bbc	nits: added new line at EOF and comment fix Signed-off-by: tanujd11 <dwiveditanuj41@gmail.com>	2023-12-07 22:27:42 +05:30
Ashley Davis	f7937c7372	Use explicit debian version for base images Fixes #6478 Signed-off-by: Ashley Davis <ashley.davis@venafi.com>	2023-11-14 14:30:45 +00:00
Richard Wall	80896bce36	Update documentation of the Kyverno policies Kustomization file Signed-off-by: Richard Wall <richard.wall@venafi.com>	2023-10-31 15:44:10 +00:00
Richard Wall	c8640908e7	Apply Kyverno policies to E2E test namespaces too By using ClusterPolicy with exlusion rules for the namespaces of non-compliant E2E test tools. Signed-off-by: Richard Wall <richard.wall@venafi.com>	2023-10-31 14:11:41 +00:00
jetstack-bot	dd3fe1fe02	Merge pull request #6453 from wallrj/read-only-root-filesystem Enable readOnlyRootFilesystem by default	2023-10-31 11:27:20 +01:00
Richard Wall	9dfb7c3ecf	Enable readOnlyRootFilesystem policy in Kyverno Signed-off-by: Richard Wall <richard.wall@venafi.com>	2023-10-27 16:03:17 +01:00
Richard Wall	c3a8144da8	Update the Kyverno policy file Signed-off-by: Richard Wall <richard.wall@venafi.com>	2023-10-27 15:58:11 +01:00
Richard Wall	2264de13f3	Use latest version of the bestpractice Helm values Signed-off-by: Richard Wall <richard.wall@venafi.com>	2023-10-27 14:33:47 +01:00
Richard Wall	1329c71f27	Add a dedicated rule for kindest node And explain why Signed-off-by: Richard Wall <richard.wall@venafi.com>	2023-10-26 16:00:18 +01:00
Richard Wall	c08e34cab1	./hack/latest-kind-images.sh Signed-off-by: Richard Wall <richard.wall@venafi.com>	2023-10-26 14:43:11 +01:00
Richard Wall	4d2a227794	Remove the multi-arch variant Because it was also broken and was being supplied with digests of single-architecture images rather than multi-arch manifests Signed-off-by: Richard Wall <richard.wall@venafi.com>	2023-10-24 14:52:10 +01:00
Richard Wall	c34bddace7	Update ingress-nginx image checksums Signed-off-by: Richard Wall <richard.wall@venafi.com>	2023-10-24 14:19:30 +01:00
Richard Wall	5db745b103	Fix the digest check for single-arch images Signed-off-by: Richard Wall <richard.wall@venafi.com>	2023-10-24 13:52:50 +01:00
Richard Wall	ecada9c30f	Upgrade ingress NGINX Signed-off-by: Richard Wall <richard.wall@venafi.com>	2023-10-24 13:16:13 +01:00
Richard Wall	a1164b9c4f	Use sample-external-issuer v0.4.0 Signed-off-by: Richard Wall <richard.wall@venafi.com>	2023-10-24 11:16:35 +01:00
Tim Ramlot	aab50ac20d	fix the 'make update-licenses' command on macos Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>	2023-10-19 09:16:27 +02:00
Ashley Davis	45545ec39f	bump base images to latest Signed-off-by: Ashley Davis <ashley.davis@venafi.com>	2023-10-12 10:29:24 +01:00
Ashley Davis	ad3bc2c66a	bump go to latest version to address CVE-2023-39325 Signed-off-by: Ashley Davis <ashley.davis@venafi.com>	2023-10-12 10:27:16 +01:00
jetstack-bot	c6ff0136d2	Merge pull request #6396 from SgtCoDFish/bumpbase bump base images	2023-10-06 19:05:08 +02:00

1 2 3 4 5 ...

382 Commits