cert-manager

Author	SHA1	Message	Date
jetstack-bot	fb3f6829bd	Merge pull request #5018 from SgtCoDFish/imgloc Fix old logo location in helm chart	2022-04-08 10:11:37 +01:00
jetstack-bot	d212165c8d	Merge pull request #5016 from sveba/master explicitly mount service-account-token in deployment	2022-04-05 22:15:48 +01:00
Ashley Davis	248e2cce66	fix old logo location in helm chart Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-04-05 20:26:08 +01:00
Svetoslav Batchovski	d843a25202	Explicitly mount service-account-token in deployment Signed-off-by: Svetoslav Batchovski <svetoslav@batchovski.de>	2022-04-05 19:16:12 +02:00
Jake Sanders	0d88032850	Remove OWNERS from helm chart Signed-off-by: Jake Sanders <i@am.so-aweso.me>	2022-04-05 16:46:57 +01:00
joshvanl	67afcb2d6c	Add patch permissions to challenges/status Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-04-01 11:53:44 +01:00
jetstack-bot	86ad9962a3	Merge pull request #4967 from maelvls/gwapi-v1alpha2-optional-labels Gateway API: with v1alpha2, the labels have become optional	2022-03-30 15:11:33 +01:00
jetstack-bot	00938dfa4c	Merge pull request #3605 from mikebryant/3601-default-nodeselector-linux fix: Set default nodeSelector to linux	2022-03-30 13:38:33 +01:00
Jake Sanders	b72db63761	Change label description for HTTP-01 Gateway API solver and fix tests Signed-off-by: Jake Sanders <i@am.so-aweso.me>	2022-03-30 12:52:34 +01:00
jetstack-bot	e116d416f3	Merge pull request #4799 from JoshVanL/controllers-server-side-apply-orders Server Side Apply: Adds support for Order controllers to use SSA with Feature Gate	2022-03-28 13:11:31 +01:00
jetstack-bot	be15ce2279	Merge pull request #4953 from ajvn/feature/allow-privilege-escalation update: Setting allowPrivilegeEscalation to false	2022-03-22 11:01:47 +00:00
jetstack-bot	ca32961253	Merge pull request #4772 from irbekrm/exp_backoff Exponential backoff for retrying failed certificate issuances	2022-03-21 20:31:23 +00:00
Maël Valais	4b3af946db	gateway-api: with v1alpha2, the labels have become optional Previously, in v1alpha1, an HTTPRoute was matched to a Gateway using the label selectors present on the Gateways. For example, with the following Gateway: apiVersion: networking.x-k8s.io/v1alpha1 kind: Gateway metadata: name: acmesolver spec: listeners: - protocol: HTTP port: 80 routes: kind: HTTPRoute selector: matchLabels: app: foo you would have to use the following labels on the HTTPRoute in order to get the above Gateway to be used: apiVersion: networking.x-k8s.io/v1alpha1 kind: HTTPRoute metadata: labels: app: foo With v1alpha2, the label selectors have been dropped. Instead, the HTTPRoute has to give a direct reference to the Gateway: apiVersion: gateway.networking.k8s.io/v1alpha2 kind: HTTPRoute spec: parentRefs: - kind: Gateway name: acmesolver namespace: traefik This means that the "labels" field on the gatewayHTTPRoute solver is now optional: apiVersion: cert-manager.io/v1 kind: Issuer spec: acme: solvers: - http01: gatewayHTTPRoute: labels: \| This field is app: test \| now optional. parentRefs: - kind: Gateway name: acmesolver Signed-off-by: Maël Valais <mael@vls.dev>	2022-03-21 17:39:10 +01:00
Ivan	5c857d3737	update: Setting allowPrivilegeEscalation to false for controller, cainjector, webhook containers and for startupapicheck job Signed-off-by: Ivan <ivans@vaskir.co>	2022-03-21 17:17:28 +01:00
Andrea Decorte	f6d8c4fb5b	Add permissions to update certificates/status to allow namespace admins to renew manually a Certificate. Fixes #4954 Signed-off-by: Andrea Decorte <adecorte@gmail.com>	2022-03-21 12:08:11 +01:00
jetstack-bot	3266d13578	Merge pull request #4937 from illrill/feature/optional-rbac-aggregation Make aggregation to user-facing ClusterRoles optional	2022-03-21 09:00:23 +00:00
irbekrm	dbad3d98f3	Rename issuanceAttempts -> failedIssuanceAttempts In an attempt to convey the meaning of the field better Signed-off-by: irbekrm <irbekrm@gmail.com>	2022-03-21 07:33:51 +00:00
irbekrm	affb5e86ef	Adds IssuanceAttempts field to Certificate's status Signed-off-by: irbekrm <irbekrm@gmail.com>	2022-03-21 07:33:51 +00:00
Erik Godding Boye	94d1149760	docs: improve featureGates Helm chart value documentation Signed-off-by: Erik Godding Boye <egboye@gmail.com>	2022-03-15 21:28:46 +01:00
jetstack-bot	8179f68050	Merge pull request #4932 from 4molybdenum2/service-account-labels-helm support serviceAccount.Labels in Helm chart	2022-03-15 17:44:50 +00:00
Tathagata Paul	7161870cea	minor commenting fixes Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com>	2022-03-15 17:42:47 +05:30
Tathagata Paul	67ed2ffd26	added optional labels for webhook, startupapicheck and cainjector service accounts Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com>	2022-03-11 22:00:25 +05:30
jetstack-bot	8ebd63c7e9	Merge pull request #4913 from jahrlin/validate-privatekey-rotationpolicy add validation for certificate.spec.privateKey.rotationPolicy	2022-03-11 13:28:35 +00:00
Richard Johansson	edf38b66c2	Make aggregation to user-facing ClusterRoles optional Signed-off-by: Richard Johansson <richard.jimmy.johansson@gmail.com>	2022-03-10 15:50:32 +01:00
David Bond	4a4dd03245	Switch leader election to use Lease objects Previously, cert-manager supported both ConfigMap & Lease objects for leader election. This commit modifies the leader-election code to now solely use Lease objects in both the controller & ca-injector. The related RBAC for ConfigMap resources has also been removed. This change means that you cannot upgrade to the version containing this commit from cert-manager 1.3. Related to #3766 Signed-off-by: David Bond <davidsbond93@gmail.com>	2022-03-10 12:38:50 +00:00
Tathagata Paul	25d2def9b6	support serviceAccount.Labels in Helm chart Signed-off-by: Tathagata Paul <tathagatapaul7@gmail.com>	2022-03-10 15:16:53 +05:30
Joakim Ahrlin	f5275cf1cc	add enum for rotationPolicy Signed-off-by: Joakim Ahrlin <joakim.ahrlin@gmail.com>	2022-03-03 16:31:23 +01:00
Jake Sanders	cfb1406742	Update RBAC for the new gateway API's apiGroup Signed-off-by: Jake Sanders <i@am.so-aweso.me>	2022-03-01 15:05:24 +00:00
Joakim Ahrlin	eb64e6494c	update deps and BUILD files Signed-off-by: Joakim Ahrlin <joakim.ahrlin@gmail.com>	2022-03-01 15:05:18 +00:00
jetstack-bot	10c5d72279	Merge pull request #4792 from JoshVanL/controllers-server-side-apply-certificaterequests Server Side Apply: Adds support for CertificateRequests controller to use SSA with Feature Gate	2022-02-16 10:57:37 +00:00
joshvanl	b5ff61e02b	Adds patch permissions to order/status for cert-manager controller Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-02-16 10:33:48 +00:00
jetstack-bot	56d9423744	Merge pull request #4798 from JoshVanL/controllers-server-side-apply-certificatesigningrequests Server Side Apply: Adds support for CertificateSigningRequest controllers to use SSA with Feature Gate	2022-02-16 10:20:37 +00:00
jetstack-bot	9887baac33	Merge pull request #4844 from batazor/chart-servicemonitor Add additional check for servicemonitor	2022-02-15 20:43:36 +00:00
jetstack-bot	0860a4141b	Merge pull request #4847 from akamac/patch-1 add name to the exposed metrics port	2022-02-14 14:02:52 +00:00
jetstack-bot	ad4264b6ec	Merge pull request #4841 from irbekrm/remove_annotation Removes cainjector annotations from CRDs	2022-02-14 10:48:52 +00:00
jetstack-bot	12a2148df3	Merge pull request #4794 from JoshVanL/controllers-server-side-apply-issuers Server Side Apply: Adds support for [Cluster]Issuer controller to use SSA with Feature Gate	2022-02-11 19:37:01 +00:00
joshvanl	3e23b6fd8a	Adds `patch` permissions to cert-manager controller for issuers and clusterissuers Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-02-11 16:26:56 +00:00
joshvanl	49108a0278	Adds list map type to Conditions for both Issuers and Cluster Issuers Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-02-11 16:26:56 +00:00
joshvanl	fc21252e14	Adds `patch` permissions to cert-manager controller for certificaterequests Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-02-11 16:22:33 +00:00
joshvanl	a4588c3401	Adds condition_list_type_test integration test for CertificateRequest object Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-02-11 16:22:33 +00:00
joshvanl	23ba58b008	Update CRD for field labels. Adds patch rbac to Certificates for cert-manager controller Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-02-11 16:14:31 +00:00
Alexey Miasoedov	c37e0b9b93	add name to the exposed metrics port Signed-off-by: Alexey Miasoedov <alexey.miasoedov@gmail.com>	2022-02-11 18:37:09 +03:00
jetstack-bot	9ff7568f4e	Merge pull request #4809 from JoshVanL/ca-injector-remove-auditsinks-permissions Remove auditsinks permissions from ca-injector as it is no longer supported	2022-02-11 13:56:01 +00:00
Victor Login	f2f771fc93	Update servicemonitor.yaml Signed-off-by: Login Victor <batazor111@gmail.com>	2022-02-11 08:57:07 +03:00
irbekrm	5fd80d6ad3	Removes cainjector annotations from CRDs As we're no longer using cainjector to inject CA bundles to those CRDs Signed-off-by: irbekrm <irbekrm@gmail.com>	2022-02-10 13:43:06 +00:00
joshvanl	391dea4f60	Adds `patch` to certificatesigningrequest permissions for controller Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-02-07 14:18:14 +00:00
Ashley Davis	3a055cc2f5	rename all uses of github.com/jetstack/cert-manager This was done by running the following command twice: ```bash grep -Ri "github.com/jetstack/cert-manager" . \| \ cut -d":" -f1 \| \ sort \| \ uniq \| \ xargs sed -i "s/github.com\/jetstack\/cert-manager/github.com\/cert-manager\/cert-manager/" ``` Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>	2022-02-02 09:08:31 +00:00
joshvanl	35fba365bf	Update AdditionalOutputFormats comment to reflect addition of feature to webhook set. Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-02-01 17:04:55 +00:00
joshvanl	83f738d665	Remove auditsinks permissions from ca-injector as it is no longer supported Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>	2022-01-31 18:46:52 +00:00
irbekrm	4b3239e8fb	Removes duplicated service annotations from Helm chart These were added by merging multiple PRs that add similar functionality Signed-off-by: irbekrm <irbekrm@gmail.com>	2022-01-25 10:26:25 +00:00

1 2 3 4 5 ...

706 Commits