weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
7,346 Commits 45 Branches 0 Tags 96 MiB
ea0bea9db0
Commit Graph

2978 Commits

Author SHA1 Message Date
Luca Comellini
c99c147059
Bump k8s.io deps to v0.26.0 
Signed-off-by: Luca Comellini <luca.com@gmail.com>
 2022-12-14 21:53:42 -08:00
Sathyanarayanan Saravanamuthu
f719247d2b Addressing review comments 
Signed-off-by: Sathyanarayanan Saravanamuthu <sathyanarays@vmware.com>
 2022-12-06 18:54:46 +05:30
Sathyanarayanan Saravanamuthu
94fa9eeee6 Addressing review comments 
Signed-off-by: Sathyanarayanan Saravanamuthu <sathyanarays@vmware.com>
 2022-12-06 18:54:46 +05:30
Sathyanarayanan Saravanamuthu
42ae76ae30 Refreshing secrets when the keystore fields change 
Signed-off-by: Sathyanarayanan Saravanamuthu <sathyanarays@vmware.com>
 2022-12-06 18:54:46 +05:30
irbekrm
486c72f122 Update reference to HTTPRoute docs 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2022-12-05 15:04:18 +00:00
jetstack-bot
6ec8da3366
Merge pull request #5583 from lvyanru8200/uodateGwVerison 
feature: update gateway api to v1beta1
 2022-12-05 14:52:48 +00:00
lv
a13c76d312 feature: update gateway api to v1beta1 
Signed-off-by: lvyanru <yanru.lv@daocloud.io>

feature: update gateway api to v1beta1

Signed-off-by: lvyanru <1113706590@qq.com>
 2022-12-05 14:03:21 +00:00
Martín Montes
f884dac555 Return error when Gateway has a cross-namespace secret ref 
Signed-off-by: Martín Montes <martin11lrx@gmail.com>
 2022-12-01 12:46:33 +01:00
jetstack-bot
77c410f5cb
Merge pull request #5570 from weisdd/feature/azure-workload-identity 
feat(AzureDNS): Add support for Workload Identity
 2022-11-30 18:00:32 +00:00
Igor Beliakov
df20fcd3e4 chore(AzureDNS): added more comments as requested by @wallrj 
Signed-off-by: Igor Beliakov <demtis.register@gmail.com>
 2022-11-24 22:42:18 +01:00
Houssem El Fekih
8af2d64f3b Gofmt files 
Signed-off-by: Houssem El Fekih <houssem.elfekih@jetstack.io>
 2022-11-18 10:55:56 +00:00
Houssem El Fekih
f41cf33efe Add support for required LDAP (rfc4514) RDNs in LiteralSubject 
* Add OID translation for mandatory DC component
* Used extensively in LDAP certificates, also required by rfc5280
* Add support for UID, mentioned in LDAP RFC
* solves https://github.com/cert-manager/cert-manager/issues/5582

Signed-off-by: SpectralHiss <houssem.elfekih@jetstack.io>
 2022-11-18 10:22:39 +00:00
Igor Beliakov
964f4bbd8d feat(AzureDNS): add a test for federated SPT 
Signed-off-by: Igor Beliakov <demtis.register@gmail.com>
 2022-11-17 17:42:05 +01:00
Corey McGalliard
7e6e0940a2 updating to match feedback and adjust the RunAsNonRoot options for http01 solver to be more descriptive 
Signed-off-by: Corey McGalliard <cmcgalliard@redventures.com>
 2022-11-16 11:20:36 -05:00
jetstack-bot
95dc198cd6
Merge pull request #5571 from inteon/cleanup_csr_generation 
Improve gen.CSR and use it in all tests
 2022-11-15 14:08:44 +00:00
jetstack-bot
4ffd6213e7
Merge pull request #5552 from sathyanarays/isCaFix 
Fixing CA flag in basic constraints extension
 2022-11-10 13:37:47 +00:00
Sathyanarayanan Saravanamuthu
860ba8465a Addressing review comments 
Signed-off-by: Sathyanarayanan Saravanamuthu <sathyanarays@vmware.com>
 2022-11-10 14:27:26 +05:30
Tim Ramlot
b999749854
improve gen.CSR and use it everywhere 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2022-11-10 09:21:31 +01:00
Richard Wall
df42b81326 Fix typos in explanatory comment 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2022-11-09 17:50:27 +00:00
Richard Wall
1f1ed47c2a Always initialize tlsClientConfig if the default is nil 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2022-11-09 17:45:52 +00:00
Richard Wall
218cdb7e0f Use RenegotiateOnceAsClient and explain why 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2022-11-09 17:25:31 +00:00
Igor Beliakov
efae037cec chore(Azure): improve naming, add comments 
Signed-off-by: Igor Beliakov <demtis.register@gmail.com>
 2022-11-09 17:33:28 +01:00
Sathyanarayanan Saravanamuthu
d4de98d35b Adding unit tests 
Signed-off-by: Sathyanarayanan Saravanamuthu <sathyanarays@vmware.com>
 2022-11-06 09:36:26 +05:30
Sathyanarayanan Saravanamuthu
bb39c5cf79 Fixing CA flag in basic constraints extension 
Signed-off-by: Sathyanarayanan Saravanamuthu <sathyanarays@vmware.com>
 2022-11-03 15:34:25 +05:30
Igor Beliakov
741fa3cfb4 feat(Azure): add support for workload identity 
Signed-off-by: Igor Beliakov <demtis.register@gmail.com>
 2022-10-29 15:43:33 +02:00
joshvanl
e804431dba Fire event for informational purposes when the CertificateRequest has not yet been approved. 
Signed-off-by: joshvanl <me@joshvanl.dev>
 2022-10-23 18:04:58 +01:00
jetstack-bot
277bcfc305
Merge pull request #5504 from sathyanarays/nit_fix 
[NIT] Changing variable name to denote right type
 2022-10-14 17:17:30 +01:00
jetstack-bot
da3265115b
Merge pull request #5387 from Tolsto/vault-ca-bundle-secret-ref 
Add option to load Vault CA bundle from Kubernetes Secret
 2022-10-13 09:55:09 +01:00
Sathyanarayanan Saravanamuthu
1bc773cbcf [NIT] Changing variable name to denote right type 
Signed-off-by: Sathyanarayanan Saravanamuthu <sathyanarays@vmware.com>
 2022-10-12 13:41:23 +05:30
Sathyanarayanan Saravanamuthu
204fa78dd8 [NIT] Changing variable name to denote right type 
Signed-off-by: Sathyanarayanan Saravanamuthu <sathyanarays@vmware.com>
 2022-10-12 13:37:35 +05:30
Sathyanarayanan Saravanamuthu
2969202fe2 Addressing review comments 
Co-authored-by: Cody W Eilar <ecody@vmware.com>

Signed-off-by: Cody W Eilar <ecody@vmware.com>
Signed-off-by: Sathyanarayanan Saravanamuthu <sathyanarays@vmware.com>
 2022-10-11 17:22:38 +05:30
Sathyanarayanan Saravanamuthu
40947b0ef4 Generate Certificate Request with predictable name 
Co-authored-by: Cody W Eilar <ecody@vmware.com>

Signed-off-by: Cody W Eilar <ecody@vmware.com>
Signed-off-by: Sathyanarayanan Saravanamuthu <sathyanarays@vmware.com>
 2022-10-11 17:01:26 +05:30
jetstack-bot
a624f49386
Merge pull request #5469 from sathyanarays/unit_test_improve 
Increasing unit test coverage for pkg/issuer/acme/setup.go
 2022-10-06 15:23:27 +01:00
Tim Ramlot
e917e4a103
log more information on why the get CertificateRequest request failed 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2022-10-05 18:53:53 +02:00
Sathyanarayanan Saravanamuthu
401fb2dc34 Improving unit test coverage of pkg/issuer/acme/setup.go 
Signed-off-by: Sathyanarayanan Saravanamuthu <sathya.chozhanaadan@gmail.com>
 2022-10-04 16:59:40 +05:30
Danny Kulchinsky
9074f5a081 refactor RemoveCertificate to use DeletePartialMatch 
Signed-off-by: Danny Kulchinsky <dkulchinsky@fastly.com>
 2022-09-28 10:24:30 -04:00
Danny Kulchinsky
cc1d982b33 fix incorrect func signature in certificate metrics controller 
Signed-off-by: Danny Kulchinsky <dkulchinsky@fastly.com>
 2022-09-28 10:21:36 -04:00
Danny Kulchinsky
ef9030303a fix formatting 
Signed-off-by: Danny Kulchinsky <dkulchinsky@fastly.com>
 2022-09-28 10:21:36 -04:00
Danny Kulchinsky
81c85ee15c add issuer_{group|name|kind} labels to prom metrics 
Signed-off-by: Danny Kulchinsky <dkulchinsky@fastly.com>
 2022-09-28 10:21:36 -04:00
Luca Comellini
4498b7cc47
Bump Go to 1.19 
Signed-off-by: Luca Comellini <luca.com@gmail.com>
 2022-09-27 11:38:51 -07:00
Tim Ramlot
39fa9f51b4 upgrade dependencies 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2022-09-26 11:43:12 +02:00
Tim Ramlot
99ed9f3e06 add comment 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2022-09-23 10:30:32 +02:00
Tristan Deloche
878d84a2fa
Ensure forward-compatibility with k8s.io/apiserver's Storage interface 
Signed-off-by: Tristan Deloche <tde@hey.com>
 2022-09-20 16:10:22 +01:00
jetstack-bot
e82c72cff0
Merge pull request #5413 from Abirdcfly/master 
chore: remove duplicate word in comments
 2022-08-30 13:15:31 +01:00
Abirdcfly
6ac4d89c81
chore: remove duplicate word in comments 
Signed-off-by: Abirdcfly <fp544037857@gmail.com>
 2022-08-30 17:18:31 +08:00
Renato Costa
162777aab2 Fix incorrect uses of loop variable 
This fixes two instances where loop variables were being incorrectly
used:

- using a loop variable in a closure passed to `ginkgo.It()` is
incorrect, as the capture happens by reference and only the last test
case will be executed (multiple times).
- a similar issue happens in the context of a goroutine; specifically,
we need to create a copy of the `runDurationFunc` before calling it in
a goroutine as done by the controller's `Run` function.

With regards to the second issue, I believe it never came to the
surface because, in production code, only one `runDurationFunc` is
passed; tests don't exercise the multiple funcs path either.

Issues were automatically found with the `loopvarcapture` linter.

Signed-off-by: Renato Costa <renato@cockroachlabs.com>
 2022-08-26 15:08:30 -04:00
jetstack-bot
12f98dbc7e
Merge pull request #5376 from inteon/upgrade_gateway_api 
Upgrade gateway api to v0.5.0
 2022-08-25 16:08:10 +01:00
jetstack-bot
d1a8f7f52d
Merge pull request #5336 from JoshVanL/controllers-certificaterequests-secrets-informer 
CertificateRequest: re-sync SelfSigned CertificateRequest when target Secret is informed.
 2022-08-23 16:46:23 +01:00
Nils
81e6c24293 fixup! Add option to load Vault CA bundle from Kubernetes Secret 
Co-authored-by: Josh van Leeuwen <joshua.vanleeuwen@jetstack.io>
Signed-off-by: Nils Mueller <nm@impactful.it>
 2022-08-21 07:41:15 +03:00
jetstack-bot
10c4b7cde9
Merge pull request #5379 from JoshVanL/controllers-certificatesigningrequests-secrets-informer 
CertificateSigningRequest: re-sync SelfSigned CertificateSigningRequest when target Secret is informed
 2022-08-19 15:50:12 +01:00