cert-manager

Author	SHA1	Message	Date
Ashley Davis	eccde015ac	add CRD generation to makefile, replacing bazel - includes a run of make update-crds which causes some trivial changes - updates version of YQ to latest - makes hack/update-crds.sh just call make - makes hack/verify-crds.sh just call make - moves functionality of hack/verify-crds.sh to hack/check-crds.sh, using the makefile for generating alternative CRDs for comparison - removes the bazel test associated with CRDs Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-06-27 13:25:18 +01:00
Alessandro Vermeulen	1da01211ee	Feature gated support for using literal subjects in `Certificate`s Signed-off-by: Alessandro Vermeulen <alessandro.vermeulen@ing.com>	2022-06-08 20:50:00 +02:00
irbekrm	db8c6999a8	Remove leftover cainjector annotations from our CRDs Signed-off-by: irbekrm <irbekrm@gmail.com>	2022-05-09 17:24:30 +01:00
jetstack-bot	86ad9962a3	Merge pull request #4967 from maelvls/gwapi-v1alpha2-optional-labels Gateway API: with v1alpha2, the labels have become optional	2022-03-30 15:11:33 +01:00
Jake Sanders	b72db63761	Change label description for HTTP-01 Gateway API solver and fix tests Signed-off-by: Jake Sanders <i@am.so-aweso.me>	2022-03-30 12:52:34 +01:00
Maël Valais	4b3af946db	gateway-api: with v1alpha2, the labels have become optional Previously, in v1alpha1, an HTTPRoute was matched to a Gateway using the label selectors present on the Gateways. For example, with the following Gateway: apiVersion: networking.x-k8s.io/v1alpha1 kind: Gateway metadata: name: acmesolver spec: listeners: - protocol: HTTP port: 80 routes: kind: HTTPRoute selector: matchLabels: app: foo you would have to use the following labels on the HTTPRoute in order to get the above Gateway to be used: apiVersion: networking.x-k8s.io/v1alpha1 kind: HTTPRoute metadata: labels: app: foo With v1alpha2, the label selectors have been dropped. Instead, the HTTPRoute has to give a direct reference to the Gateway: apiVersion: gateway.networking.k8s.io/v1alpha2 kind: HTTPRoute spec: parentRefs: - kind: Gateway name: acmesolver namespace: traefik This means that the "labels" field on the gatewayHTTPRoute solver is now optional: apiVersion: cert-manager.io/v1 kind: Issuer spec: acme: solvers: - http01: gatewayHTTPRoute: labels: \| This field is app: test \| now optional. parentRefs: - kind: Gateway name: acmesolver Signed-off-by: Maël Valais <mael@vls.dev>	2022-03-21 17:39:10 +01:00
irbekrm	dbad3d98f3	Rename issuanceAttempts -> failedIssuanceAttempts In an attempt to convey the meaning of the field better Signed-off-by: irbekrm <irbekrm@gmail.com>	2022-03-21 07:33:51 +00:00
irbekrm	affb5e86ef	Adds IssuanceAttempts field to Certificate's status Signed-off-by: irbekrm <irbekrm@gmail.com>	2022-03-21 07:33:51 +00:00
Joakim Ahrlin	f5275cf1cc	add enum for rotationPolicy Signed-off-by: Joakim Ahrlin <joakim.ahrlin@gmail.com>	2022-03-03 16:31:23 +01:00
Joakim Ahrlin	eb64e6494c	update deps and BUILD files Signed-off-by: Joakim Ahrlin <joakim.ahrlin@gmail.com>	2022-03-01 15:05:18 +00:00
jetstack-bot	10c5d72279	Merge pull request #4792 from JoshVanL/controllers-server-side-apply-certificaterequests Server Side Apply: Adds support for CertificateRequests controller to use SSA with Feature Gate	2022-02-16 10:57:37 +00:00
jetstack-bot	ad4264b6ec	Merge pull request #4841 from irbekrm/remove_annotation Removes cainjector annotations from CRDs	2022-02-14 10:48:52 +00:00
jetstack-bot	12a2148df3	Merge pull request #4794 from JoshVanL/controllers-server-side-apply-issuers Server Side Apply: Adds support for [Cluster]Issuer controller to use SSA with Feature Gate	2022-02-11 19:37:01 +00:00
joshvanl	49108a0278	Adds list map type to Conditions for both Issuers and Cluster Issuers Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-02-11 16:26:56 +00:00
joshvanl	a4588c3401	Adds condition_list_type_test integration test for CertificateRequest object Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-02-11 16:22:33 +00:00
joshvanl	23ba58b008	Update CRD for field labels. Adds patch rbac to Certificates for cert-manager controller Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-02-11 16:14:31 +00:00
irbekrm	5fd80d6ad3	Removes cainjector annotations from CRDs As we're no longer using cainjector to inject CA bundles to those CRDs Signed-off-by: irbekrm <irbekrm@gmail.com>	2022-02-10 13:43:06 +00:00
joshvanl	35fba365bf	Update AdditionalOutputFormats comment to reflect addition of feature to webhook set. Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-02-01 17:04:55 +00:00
joshvanl	5019aaacfc	Update SecretTemplate API comments to highlight that annotations are appended to base annotations Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-17 11:40:13 +00:00
joshvanl	162519869e	Updates CRD with new secret template comment Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-17 11:24:45 +00:00
joshvanl	d6fb5138f2	Re-add crd-certificates.yaml Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-17 11:24:45 +00:00
joshvanl	685dd79c0c	Makes some minor API naming changes, and clears up some docs around the Certifcate's additional output formats. Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-14 20:00:26 +00:00
Thierry Sallé	7f8641dd94	[additionalOutputFormats] Update comments and add more tests Signed-off-by: Thierry Sallé <seuf76@gmail.com>	2022-01-14 11:10:32 +01:00
Thierry	81f308221b	Add certifcate additionalOutputFormats parameter DER Format to create key.der binary format of the private key. CombinedPEM Format to create tls-combined.pem containing tls.key + tls.crt. Added Unit and e2e tests for secret with Additional output format. Feature flag AdditionalCertificateOutputFormats to enable feature. Signed-off-by: Thierry Sallé <seuf76@gmail.com>	2022-01-14 11:10:32 +01:00
Richard Wall	d80c53dc16	Remove conversion webhook configurations Signed-off-by: Richard Wall <richard.wall@jetstack.io>	2021-12-14 17:42:54 +00:00
Richard Wall	704fe73b4b	Remove deprectated APIs from the CRD templates Signed-off-by: Richard Wall <richard.wall@jetstack.io>	2021-11-30 13:33:59 +00:00
Richard Wall	c6896b2f93	Set all non-v1 CRD versions as not-served Signed-off-by: Richard Wall <richard.wall@jetstack.io>	2021-09-29 12:17:32 +01:00
jetstack-bot	8f0225189e	Merge pull request #4332 from tomasfreund/feature/azure-dns-msi-id Add option to specify managed identity id when using azure dns	2021-09-03 17:17:22 +01:00
Jake Sanders	5df1dd4932	Update Docs on solver type to reflect default service type Signed-off-by: Jake Sanders <i@am.so-aweso.me>	2021-08-19 14:55:50 +01:00
irbekrm	7d30a6452c	Removes status fields from CRD definitions Signed-off-by: irbekrm <irbekrm@gmail.com>	2021-08-18 10:17:34 +01:00
jetstack-bot	30c40f8f15	Merge pull request #4348 from inteon/upgrade_deps_v0.22.0 Upgrade deps (kube v0.22.0)	2021-08-14 01:07:12 +02:00
Inteon	b13eb0483b	upgrade deps to latest version (kube v0.22.0) Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>	2021-08-13 23:38:59 +02:00
Tomáš Freund	8e737dd1b7	move azure managed identity config to nested struct, improve validation Signed-off-by: Tomáš Freund <tomas.freund@datamole.cz>	2021-08-13 16:17:08 +02:00
Ashley Davis	e0e5a50f31	fix mistakenly changed CRDs for v1beta1 (#4352 ) Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2021-08-13 13:44:05 +01:00
jetstack-bot	d647e543e3	Merge pull request #4276 from jakexks/gateway-http01 Experimental Gateway API support for ACME HTTP-01 Solving	2021-08-03 18:51:49 +01:00
jetstack-bot	b5f80c428e	Merge pull request #4234 from inteon/add_startupapicheck Add startup api check Job	2021-08-03 17:41:49 +01:00
Jake Sanders	23e1acdd5c	Update Gateway HTTPRoute Label doc string Signed-off-by: Jake Sanders <i@am.so-aweso.me>	2021-08-03 15:26:40 +01:00
Jake Sanders	c2d7a98192	Remove PodTemplate from Gateway Solver, rename to GatewayHTTPRoute Signed-off-by: Jake Sanders <i@am.so-aweso.me>	2021-08-03 14:26:45 +01:00
Jonathan Prates	50bb91a032	feat: update object description explaning the current behaviour Signed-off-by: jonathansp <jonathansimonprates@gmail.com>	2021-08-03 09:26:23 +01:00
Jonathan Prates	9f36f8984b	feat: copy SecretTemplate api to v1alpha2 v1alpha3 and v1beta1 Signed-off-by: jonathansp <jonathansimonprates@gmail.com>	2021-08-03 01:19:11 +01:00
Jonathan Prates	0569997ede	feat: update crds Signed-off-by: jonathansp <jonathansimonprates@gmail.com>	2021-08-03 01:19:11 +01:00
Jake Sanders	b38869b551	Gateway HTTP01: Make docs better, only enable gateway solver if gateway API is found Signed-off-by: Jake Sanders <i@am.so-aweso.me>	2021-08-02 14:06:23 +01:00
Jake Sanders	deb9ccc5a9	HTTP01 solver support for the Gateway API Signed-off-by: Jake Sanders <i@am.so-aweso.me>	2021-08-02 14:06:16 +01:00
Jake Sanders	6f6213c5fd	APIs and validation Signed-off-by: Jake Sanders <i@am.so-aweso.me>	2021-08-02 14:06:09 +01:00
Inteon	0eabaec743	change startupapicheck to helm post-install hook Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>	2021-07-30 16:04:55 +02:00
joshvanl	6c5a4897b6	Adds note as to why `v1beta1` is still an accepted `conversionReviewVersion` Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-07-28 15:49:50 +01:00
joshvanl	b3ece6708a	Adds v1beta1 as a `conversionReviewVersion` but don't actually support it Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-07-28 15:36:58 +01:00
joshvanl	5680bfd4b3	Change all CRDs to no longer accept v1beta1 conversionReviewVersions Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2021-07-26 17:05:58 +01:00
Inteon	c7d92681b8	add comments Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>	2021-07-13 17:58:28 +02:00
Inteon	0683738458	fix bug & add comment & cleanup Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>	2021-07-13 13:41:37 +02:00

1 2 3 4

172 Commits