weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
6,536 Commits 45 Branches 0 Tags 96 MiB
d1ffb0ad0d
Commit Graph

75 Commits

Author SHA1 Message Date
joshvanl
d1ffb0ad0d Adds roundtrip tests for issuer and cluster issuer serialize 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-11 16:26:56 +00:00
joshvanl
085b2bf34b Updates issuer and cluster issuer controllers to optionally user server 
side apply

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-11 16:26:56 +00:00
joshvanl
5c37326e36 Adds issuer apply helper 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-11 16:26:56 +00:00
joshvanl
49108a0278 Adds list map type to Conditions for both Issuers and Cluster Issuers 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-11 16:26:56 +00:00
jetstack-bot
4f11cc27dd
Merge pull request #4822 from JoshVanL/devel-feature-gates-parse 
Parse and distribute feature gates in devel script
 2022-02-11 13:19:01 +00:00
joshvanl
4de248e883 Updates comments to read better 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-08 16:07:04 +00:00
joshvanl
23603775e1 Change import jetstack/cert-manager -> cert-manager/cert-manager 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-07 15:05:06 +00:00
joshvanl
19b68c9ba2 Update SecretTemplate comments on policy checks 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-07 15:02:51 +00:00
joshvanl
fdf7743f21 Adds PostIssuanceChecks for Certificate's AdditionalOutputFormats 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-07 14:40:51 +00:00
joshvanl
0bba16e0f9 Adds empty feature set for cainjector. Parses feature gates in devel 
script, and passes them on to each component

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-07 14:39:46 +00:00
Ashley Davis
3a055cc2f5
rename all uses of github.com/jetstack/cert-manager 
This was done by running the following command twice:

 ```bash
 grep -Ri "github.com/jetstack/cert-manager" . | \
 cut -d":" -f1 | \
 sort | \
 uniq | \
 xargs sed -i
 "s/github.com\/jetstack\/cert-manager/github.com\/cert-manager\/cert-manager/"
 ```

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-02-02 09:08:31 +00:00
joshvanl
35fba365bf Update AdditionalOutputFormats comment to reflect addition of feature to 
webhook set.

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-01 17:04:55 +00:00
joshvanl
8b219a45b2 Fix AdditationOutputFormat validation, and adds unit tests. Use correct 
feature set

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-01 17:03:37 +00:00
joshvanl
1cf06889bf Add AdditionalCertificateOutputFormats feature to webhook set. Make 
@joshvanl owner of feature in controller.

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-01 17:02:48 +00:00
jetstack-bot
b12d78d364
Merge pull request #4746 from JoshVanL/controller-readiness-certificates-spec-match 
Certificates controller policies refactor
 2022-01-27 12:45:40 +00:00
joshvanl
5d56566575 Adds more test cases to secrets.go and fix imports for checks.go 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-27 12:01:51 +00:00
jetstack-bot
39e388eaa5
Merge pull request #4762 from jakexks/use-only-ingress-annotation 
Always use the kubernetes.io/ingress.class annotation (#4537)
 2022-01-21 13:45:07 +00:00
Jake Sanders
65902d57a3
Always use the kubernetes.io/ingress.class annotation (#4537) 
Signed-off-by: Jake Sanders <i@am.so-aweso.me>
 2022-01-21 10:35:25 +00:00
James Munnelly
5407376768 Add comment clarifying why we absorb authorizer errors 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:56:51 +00:00
James Munnelly
bf98c92a44 Remove ServerOption type now that webhook initialization has moved to internal package 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:56:51 +00:00
James Munnelly
07a0171e98 Use regular discovery client instead of cache 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:56:50 +00:00
James Munnelly
5d6be6a639 Add tests for resourcevalidation plugin 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:56:50 +00:00
James Munnelly
31244942d1 Call ServerGroups when initializing discovery 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:56:50 +00:00
James Munnelly
e13c879681 Remove old handlers & admission plugins 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:56:50 +00:00
James Munnelly
708de3c580 webhook: use new admission-plugin backed validation and mutation handlers 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:56:46 +00:00
James Munnelly
9583050538 Add admission plugins for APIDeprecation, CertificateRequestApproval&Identity, ResourceValidation 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:55:44 +00:00
James Munnelly
dd560bca6a Add internal webhook package that uses new admission chain 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:55:43 +00:00
joshvanl
38b7b930c8 Add tests from rebase and more policies under 
/internal/controller/certificates

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-19 14:31:05 +00:00
joshvanl
3b148347ad Move temporary certificate policy init into policy package 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-19 14:30:00 +00:00
joshvanl
a53987214f Move certificates controller policies under /internal/controller 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-19 14:30:00 +00:00
joshvanl
f1cafae95f Refactor trigger policies to be more generic and be used by multiple 
controllers

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-19 14:30:00 +00:00
joshvanl
c18571a78d Remove json tags from internal API types. 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-18 14:04:53 +00:00
jetstack-bot
051a763ee5
Merge pull request #4638 from JoshVanL/controllers-certificates-secret-template 
SecretTemplate reconciliation. SecretManager Apply
 2022-01-18 13:28:57 +00:00
jetstack-bot
37411c8c3d
Merge pull request #4736 from SgtCoDFish/movefuzz 
Move integration tests to test/integration
 2022-01-18 12:53:04 +00:00
joshvanl
5019aaacfc Update SecretTemplate API comments to highlight that annotations are 
appended to base annotations

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:40:13 +00:00
joshvanl
86ae0545d2 Update SecretTemplate API comments with new behaviour. 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
43c72dd490 Update Certificates SecretTemplate API comments 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-17 11:24:45 +00:00
joshvanl
685dd79c0c Makes some minor API naming changes, and clears up some docs around the 
Certifcate's additional output formats.

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-14 20:00:26 +00:00
Ashley Davis
1605f9794f
move fuzzing tests to test/integration/fuzz/% 
These tests have external dependencies (rendered CRDs) which mean they
can't pass on a clean checkout without further setup. We define such
tests as integration tests, and so these are moved to test/integration.

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-01-14 15:36:00 +00:00
Thierry Sallé
7f8641dd94 [additionalOutputFormats] Update comments and add more tests 
Signed-off-by: Thierry Sallé <seuf76@gmail.com>
 2022-01-14 11:10:32 +01:00
Thierry
81f308221b Add certifcate additionalOutputFormats parameter 
DER Format to create key.der binary format of the private key.

CombinedPEM Format to create tls-combined.pem containing tls.key + tls.crt.

Added Unit and e2e tests for secret with Additional output format.

Feature flag AdditionalCertificateOutputFormats to enable feature.

Signed-off-by: Thierry Sallé <seuf76@gmail.com>
 2022-01-14 11:10:32 +01:00
Ashley Davis
92f78e8f8d
move RFC2136 DNS01 tests to test/integration 
Since this test requires setup before it can successfully run,
we define it as an integration test and move it here so that on a
fresh checkout a user can always run `go test ./pkg/...` and expect that
it would succeed.

Also:

- tweaks some comments
- adds methods for getting nameserver / tsig algorithm from DNSProvider

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-01-12 16:00:10 +00:00
James Munnelly
9a0a395c05 Re-order imports 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-07 12:49:51 +00:00
James Munnelly
df250307c2 Fix test failures 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-07 12:20:31 +00:00
James Munnelly
ea2d04e2c0 Add webhook-specific 'feature' package and wire it up through config 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-07 12:17:38 +00:00
James Munnelly
9c04a04c7c Move feature package into internal/controller 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-07 12:17:36 +00:00
James Munnelly
29f793aca8 Prefer RUNFILES_DIR if it is set 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-06 16:50:44 +00:00
James Munnelly
8ff84e8b70 Re-organise and extend path loading logic to make it easier to run integration tests using Delve/GoLand 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-06 15:22:39 +00:00
Ashley Davis
727e29a747
three small goimports fixes against current HEAD 
rather than using the default suggested `v1` names for some imports, we
use more descriptive names

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-01-04 16:05:42 +00:00
James Munnelly
8f1fb874ed Run update-codegen in module mode 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2021-12-17 18:13:44 +00:00