weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
4,935 Commits 45 Branches 0 Tags 96 MiB
eff5bc069e
Commit Graph

4935 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
joshvanl
eff5bc069e Updates webhook validation handler to use new function signature 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-02-08 19:15:23 +00:00
joshvanl
cdeca6a9f4 Updates testdata to use new validation function signature. Updates 
registry and scheme install

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-02-08 19:14:35 +00:00
joshvanl
77d382c355 Updates validation functions to use new admission request signature. 
Updates installs to include mutation and identity

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-02-08 19:09:58 +00:00
joshvanl
d043a6ada6 Updates CertificateRequest validation to make the resource immutable 
upon creation. The spec and metadata.annotation fields cannot be
changed after creation

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-02-08 19:08:54 +00:00
joshvanl
66276927f6 Adds internal identity validation and mutation functions, and registers 
with registries

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-02-08 19:07:39 +00:00
joshvanl
c09f47afed Updates internal validation function registry to include admission 
request

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-02-08 19:06:37 +00:00
joshvanl
6e35e96058 Adds internal mutation function registry 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-02-08 19:06:18 +00:00
joshvanl
e6bd2e3538 Updates client-gen for CR identity 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-02-05 16:49:55 +00:00
joshvanl
46999ff8f1 Adds identity fields to CertificateRequest types 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-02-05 14:23:40 +00:00
jetstack-bot
35febb1717
Merge pull request #3505 from hugoboos/ocsp-server 
Add option to specify OCSP server #3497
 2021-02-05 11:27:37 +00:00
jetstack-bot
c932a7135d
Merge pull request #3545 from meyskens/ingress-ku 
Allow ingress-shim to specify key usages + add server-auth to default
 2021-02-05 10:50:37 +00:00
Maël Valais
95f8410194 remove the unit test, see reason in the commit message 
The reason I had to withdraw from writing this unit test is that the
ca.CA type in pkg/issuer/ca does not implement the Sign function, which
means I cannot test the Sign feature.

I then tried to implement the same unit test to
pkg/controller/certificaterequests/ca, but the existing unit test do not
check the fields inside the produced certificate, which means I cannot
ensure that the ocspServers fields has properly been applied to the
certificate.

I will write a proper unit test... a bit later.

Signed-off-by: Maël Valais <mael@vls.dev>
Co-authored-by: James Munnelly <james@munnelly.eu>
 2021-02-05 10:21:27 +01:00
Maël Valais
11b9d71708 ca issuer: add a unit test with the ocsp servers field 
Signed-off-by: Maël Valais <mael@vls.dev>
Co-authored-by: James Munnelly <james@munnelly.eu>
 2021-02-05 10:20:55 +01:00
joshvanl
15536801f0 Revert ingress key usage annotation to default the same as Certificate 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-02-04 16:08:30 +00:00
jetstack-bot
461a41046c
Merge pull request #3628 from wallrj/3627-fix-crd-duplication 
Fix duplication of the CRD definitions in cert-manager.yaml
 2021-02-04 15:19:41 +00:00
Maartje Eyskens
577c039220 Implement feedback 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2021-02-04 15:11:00 +00:00
Maartje Eyskens
bfce24fd59 Fix sync tests 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2021-02-04 15:11:00 +00:00
Maartje Eyskens
8ec816814f update bazel 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2021-02-04 15:11:00 +00:00
Maartje Eyskens
bbb75ee52f Allow ingress-shim to specify key usages + add server-auth to default 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2021-02-04 15:11:00 +00:00
Richard Wall
0255304ef4 Fix the helm install --set installCRDs=true option 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-02-04 14:05:49 +00:00
jetstack-bot
4fe609156b
Merge pull request #3538 from chulkilee/patch-1 
Fix comments for docs on types_certificate.go
 2021-02-03 15:09:11 +00:00
Richard Wall
dd4219501d Fix duplication of the CRD definitions in cert-manager.yaml 
* CRDs are already included by virtue of the manifests.helm target

Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-02-03 11:50:19 +00:00
jetstack-bot
b809b17a6f
Merge pull request #3623 from irbekrm/2009_skip_invalid_ingress_tls_entries 
Skips invalid Ingress tls entries instead of invalidating the Ingress
 2021-02-03 10:23:10 +00:00
Maël Valais
ba22785445 Rename ocspServer to oscpServers 
Signed-off-by: Maël Valais <mael@vls.dev>
Co-authored-by: James Munnelly <james@munnelly.eu>
 2021-02-03 11:13:32 +01:00
Maël Valais
d5c485970d issuer's ocsp server: add an example URL to the API 
Signed-off-by: Maël Valais <mael@vls.dev>
 2021-02-03 09:42:34 +01:00
Maël Valais
9fb0876d21 issuer's ocsp server: add validation of the URL 
Signed-off-by: Maël Valais <mael@vls.dev>
 2021-02-03 09:42:01 +01:00
Hugo Stijns
5f18cce622 add option to specify OCSP server 
Signed-off-by: Hugo Stijns <hugo@boosboos.net>
Signed-off-by: Maël Valais <mael@vls.dev>
 2021-02-03 09:09:03 +01:00
irbekrm
be5ba022a9 Improves error checking in TestSync function 
Also corrects some expected error values in test cases

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-02-02 11:23:42 +00:00
irbekrm
bb99260365 Skips an invalid Ingress.spec.tls entry instead of invalidating the whole Ingress 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-02-01 19:32:36 +00:00
Maartje Eyskens
33f1881190
Merge pull request #3532 from meyskens/recursive-cname 
Make CNAME resolver recursive
 2021-01-27 16:28:40 +01:00
jetstack-bot
211230383e
Merge pull request #3604 from irbekrm/3587-cli-context-handling 
Passes a singe context with cancel func to all the kubectl plugin com…
 2021-01-27 15:31:35 +01:00
jetstack-bot
aad78b6141
Merge pull request #3583 from meyskens/crd-cat 
Add CRD categories
 2021-01-27 14:44:35 +01:00
irbekrm
34fd9e9fef Makes /cmd/cainjector/main more DRY 
reuses util.ContextWithStopCh to create a context with cancel func

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-01-27 13:32:23 +00:00
irbekrm
1abc7107ca Passes a single context with cancel func to all the kubectl plugin commands 
Signed-off-by: irbekrm <irbekrm@gmail.com>

Don't duplicate the existing ContextWithStopCh function

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-01-27 13:06:34 +00:00
jetstack-bot
26afeceb2b
Merge pull request #3457 from meyskens/inspect-secret 
Add `inspect secret` command
 2021-01-22 16:19:03 +01:00
Maartje Eyskens
e081410d29 rename a function call 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2021-01-22 16:00:34 +01:00
Maartje Eyskens
d4f2934609 actually rename function 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2021-01-22 15:54:30 +01:00
Maartje Eyskens
910cba9538
Update pkg/issuer/acme/dns/util/wait.go 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>

Co-authored-by: Maël Valais <mael@vls.dev>
 2021-01-22 15:46:06 +01:00
jetstack-bot
3aa2862548
Merge pull request #3514 from wallrj/3152-external-issuer-e2e-tests 
E2e tests for external issuers
 2021-01-22 13:37:03 +01:00
Richard Wall
290fa4e446 E2E tests 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-01-22 12:12:14 +00:00
Chulki Lee
e90b494da6 Fix go comments for API docs 
- Use backticks, not single/double quotes for enum values
- Fix allowed values
- Remove unnecessary quote

Signed-off-by: Chulki Lee <chulki.lee@gmail.com>
 2021-01-22 20:21:19 +09:00
Richard Wall
a5d7e24211 Install the sample-external-issuer 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-01-21 09:46:33 +00:00
jetstack-bot
386c2bacb2
Merge pull request #3593 from jakexks/readme-update 
The development meetings are now hosted on Google Meet
 2021-01-20 18:12:40 +01:00
Maartje Eyskens
d0b13b6c8a Update code structure of cname following 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2021-01-20 17:11:40 +01:00
Maartje Eyskens
f9d34991bc Revert one too many rename 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2021-01-20 17:10:52 +01:00
Maartje Eyskens
7591304af8 update fn name 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2021-01-20 17:08:35 +01:00
Maartje Eyskens
985c8b6e30
Apply suggestions from code review 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>

Co-authored-by: Maël Valais <mael@vls.dev>
 2021-01-20 17:05:45 +01:00
Jake Sanders
02e98eaaca
The development meetings are now hosted on Google Meet 
Signed-off-by: Jake Sanders <i@am.so-aweso.me>
 2021-01-20 15:40:52 +00:00
jetstack-bot
37a5456463
Merge pull request #3533 from wallrj/2847-venafi-ca-crt 
Venafi Issuer now sets the CA.crt field of the Secret
 2021-01-20 16:21:40 +01:00
Richard Wall
50a388a8a1 Fix unit tests 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-01-20 14:26:43 +00:00