weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
7,506 Commits 45 Branches 0 Tags 96 MiB
f36c06f10d
Commit Graph

613 Commits

Author SHA1 Message Date
Tim Ramlot
f36c06f10d
move cmd/util/ to internal/cmd/util/, since it is also imported by packages outside of cmd/ 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-02-28 12:38:59 +01:00
jetstack-bot
9f7a4053ab
Merge pull request #5746 from irbekrm/cainjector_remove_duplicate_cache 
Remove the double cache mechanism for cainjector
 2023-01-25 15:05:57 +00:00
irbekrm
3aba8ed32d Makes cainjector Certificate watch optional 
Configurable via a flag, true by default

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-01-24 13:52:45 +00:00
irbekrm
4776597cb4 Remove the double cache mechanism for cainjector 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-01-23 17:38:46 +00:00
Tim Ramlot
23de5240e9
move utility functions to reduce fragmentation and rename functions for consistency 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
 2023-01-23 13:19:39 +01:00
irbekrm
53abc8cb2e Use fake kube apiserver version when generating helm template in cmctl x install 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-01-12 15:00:21 +00:00
irbekrm
87bef52337 Fix cainjector's namespace flag 
Ensures that when cainjector has the namespace flag passed, namespaced resource caching is scoped to that namespace

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2023-01-05 18:15:19 +00:00
Corey McGalliard
7e6e0940a2 updating to match feedback and adjust the RunAsNonRoot options for http01 solver to be more descriptive 
Signed-off-by: Corey McGalliard <cmcgalliard@redventures.com>
 2022-11-16 11:20:36 -05:00
irbekrm
584147df37 Document that pod template spec should be used instead of flags 
For configuring ACME HTTP-01 solver pod

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2022-08-09 15:26:10 +01:00
Ashley Davis
fb231ab641
Remove bazel 🎉 
This removes all .bazel and .bzl files, and a bunch of scripts relating
to bazel, now that it's been entirely replaced.

There are still a few places where traces could be removed, but this
removes the brunt of the bazel stuff that remains.

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-07-26 11:38:50 +01:00
jetstack-bot
5d2542ab2e
Merge pull request #5196 from irbekrm/fix_retry_flag_help 
Corrects the --dns01-check-retry-period flag description
 2022-06-30 13:25:03 +01:00
Mark Shields
c2f585657a fix(cmctl): typo 
Signed-off-by: Mark Shields <4237425+beejiujitsu@users.noreply.github.com>
 2022-06-16 22:14:36 -04:00
irbekrm
75b205021d Corrects the --dns01-check-retry-period flag description 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2022-06-09 12:09:39 +01:00
Luca Comellini
091549620b
Bump Go to 1.18 
Signed-off-by: Luca Comellini <luca.com@gmail.com>
 2022-06-02 15:50:13 -07:00
Monis Khan
2a33c7a5c2
Use Kubernetes CSR spec.expirationSeconds to express cert duration 
This change adds the ability to express certificate duration using
the Kubernetes CSR spec.expirationSeconds field alongside the existing
approach of using the experimental.cert-manager.io/request-duration
annotation.  Both approaches are supported as the expirationSeconds
field requires Kubernetes v1.22+.

Signed-off-by: Monis Khan <mok@vmware.com>
 2022-03-21 09:40:32 -04:00
David Bond
4a4dd03245
Switch leader election to use Lease objects 
Previously, cert-manager supported both ConfigMap & Lease objects for leader election. This commit modifies
the leader-election code to now solely use Lease objects in both the controller & ca-injector. The related
RBAC for ConfigMap resources has also been removed.

This change means that you cannot upgrade to the version containing this commit from cert-manager 1.3.

Related to #3766

Signed-off-by: David Bond <davidsbond93@gmail.com>
 2022-03-10 12:38:50 +00:00
jetstack-bot
22419602c0
Merge pull request #4897 from jahrlin/uninstall 
cmctl x uninstall
 2022-03-08 13:33:00 +00:00
Joakim Ahrlin
4f72d061c5 update uninstall description 
Signed-off-by: Joakim Ahrlin <joakim.ahrlin@gmail.com>
 2022-03-02 10:21:26 +01:00
Jake Sanders
03748831a9
Remove hardcoded cert from cmctl inspect secret unit tests 
Signed-off-by: Jake Sanders <i@am.so-aweso.me>
 2022-03-01 13:11:31 +00:00
Joakim Ahrlin
a1e3000a77 dont export options fields 
Signed-off-by: Joakim Ahrlin <joakim.ahrlin@gmail.com>
 2022-02-24 14:44:53 +01:00
Joakim Ahrlin
02485ebede goimports 
Signed-off-by: Joakim Ahrlin <joakim.ahrlin@gmail.com>
 2022-02-24 14:40:04 +01:00
Joakim Ahrlin
632a8b0476 add and update build files 
Signed-off-by: Joakim Ahrlin <joakim.ahrlin@gmail.com>
 2022-02-24 14:36:35 +01:00
Joakim Ahrlin
b92deaa4d2 add uninstall command 
Signed-off-by: Joakim Ahrlin <joakim.ahrlin@gmail.com>
 2022-02-24 14:32:05 +01:00
DiptoChakrabarty
ee069f2c45 fix comments to reduce golint issues 
Signed-off-by: DiptoChakrabarty <diptochuck123@gmail.com>
 2022-02-16 17:28:08 +05:30
jetstack-bot
4f11cc27dd
Merge pull request #4822 from JoshVanL/devel-feature-gates-parse 
Parse and distribute feature gates in devel script
 2022-02-11 13:19:01 +00:00
Jake Sanders
f225637e20
Relax the validation on the default Issuer Kind for certificate-shim 
Signed-off-by: Jake Sanders <i@am.so-aweso.me>
 2022-02-08 13:50:13 +00:00
joshvanl
0bba16e0f9 Adds empty feature set for cainjector. Parses feature gates in devel 
script, and passes them on to each component

Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-02-07 14:39:46 +00:00
Ashley Davis
3a055cc2f5
rename all uses of github.com/jetstack/cert-manager 
This was done by running the following command twice:

 ```bash
 grep -Ri "github.com/jetstack/cert-manager" . | \
 cut -d":" -f1 | \
 sort | \
 uniq | \
 xargs sed -i
 "s/github.com\/jetstack\/cert-manager/github.com\/cert-manager\/cert-manager/"
 ```

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
 2022-02-02 09:08:31 +00:00
joshvanl
d6c34987ef Updates controller start with ControllerFactory 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2022-01-27 12:51:49 +00:00
jetstack-bot
06ed2bd0f3
Merge pull request #4763 from wallrj/4739-cmctl-x-install-default-namespace 
Make sure that cmctl x install uses the cert-manager namespace
 2022-01-21 10:13:07 +00:00
Richard Wall
3679ee8888 Apply suggestions from code review 
Co-authored-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
Co-authored-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2022-01-20 22:35:48 +00:00
Richard Wall
0f5ca4626f Make sure that cmctl x install uses the cert-manager namespace by default 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2022-01-20 13:46:32 +00:00
James Munnelly
c1a92f20b6 Fix imports 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 11:05:00 +00:00
James Munnelly
bf98c92a44 Remove ServerOption type now that webhook initialization has moved to internal package 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:56:51 +00:00
James Munnelly
708de3c580 webhook: use new admission-plugin backed validation and mutation handlers 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-20 10:56:46 +00:00
Josh Soref
562e40ba2e
Simplify successfully migrated message 
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
 2022-01-18 14:43:42 -05:00
jetstack-bot
e2aede44c7
Merge pull request #4731 from DiptoChakrabarty/lint 
add go linters fixes within codebase
 2022-01-18 12:52:57 +00:00
jetstack-bot
5a0c4096cf
Merge pull request #4719 from munnerz/fixup-upgrade-migrate 
Reword log messages in the 'cmctl upgrade migrate-api-version' command
 2022-01-18 11:30:57 +00:00
DiptoChakrabarty
b0e2264b60 add go linters 
Signed-off-by: DiptoChakrabarty <diptochuck123@gmail.com>
 2022-01-13 00:12:15 +05:30
jetstack-bot
fa321b6a4b
Merge pull request #4287 from linka-cloud/acme-http-challenge-cutomer-dns 
Acme http challenge custom dns
 2022-01-11 11:24:03 +00:00
James Munnelly
efd1cad7f4 Reword log messages in the 'cmctl upgrade migrate-api-version' command 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-07 12:45:50 +00:00
James Munnelly
ea2d04e2c0 Add webhook-specific 'feature' package and wire it up through config 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-07 12:17:38 +00:00
James Munnelly
9c04a04c7c Move feature package into internal/controller 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-07 12:17:36 +00:00
Adphi
3375fa0609
http01: add custom nameservers support (#4286) 
Signed-off-by: Adphi <philippe.adrien.nousse@gmail.com>
 2022-01-06 21:02:46 +01:00
James Munnelly
c841d01d68 Allow specify --qps and --burst 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-06 16:47:43 +00:00
James Munnelly
b3f14ef51d Expand example usage text 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-06 16:42:39 +00:00
James Munnelly
4b257c1d72 Only mention upgrading to 1.0-1.6 once 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-06 16:39:07 +00:00
James Munnelly
35a96362a7 Rename command to 'migrate-api-version' 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-06 15:21:47 +00:00
James Munnelly
0f199173ba Add missing copyright headers 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-06 15:08:48 +00:00
James Munnelly
22b2b3687a Don't assume we are targetting 'v1' 
Signed-off-by: James Munnelly <jmunnelly@apple.com>
 2022-01-06 15:07:27 +00:00