weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
5,734 Commits 45 Branches 0 Tags 96 MiB
ff2dfd7b64
Commit Graph

107 Commits

Author SHA1 Message Date
Maël Valais
30f9c123d3 gateway-shim: add the gateway-shim controller 
Note that the gateway-shim is only half the work for supporting the
Gateway API in cert-manager. The other half is the HTTP01 solver
support, which is still worked on.

The Gateway API in cert-manager is releases as an experimental feature
and needs to be enabled manually with the following flag:

  --controllers=*,gateway-shim

All the annotations supported by ingress-shim are also supported by
gateway-shim, with some exceptions:

  "acme.cert-manager.io/http01-ingress-class"

This annotation is not supported on the Gateway resource. Although the
Gateway resource also has a "gatewayClass" field, we will need to add
another field instead of "ingress-class" to avoid confusion with the
ingress-shim.

  "acme.cert-manager.io/http01-edit-in-place"

This annotation is not supported because it is specific to some ingress
controllers like ingress-gce.

  "kubernetes.io/tls-acme"

This annotation is not supported because it is a behavior inherited from
kube-lego and we chose not to keep this behavior with the Gateway API.

Unlike the ingress-shim, you can reuse the same Secret name in multiple
TLS configurations on the same Gateway resource.

The ingress-shim now shows the exact location of the duplicate
secretName when the user gives the same secretName in two separate TLS
blocks.

Signed-off-by: Maël Valais <mael@vls.dev>
Co-authored-by: Jake Sanders <i@am.so-aweso.me>
 2021-07-15 20:34:55 +02:00
jetstack-bot
c546f5bbd9
Merge pull request #4190 from inteon/helm_labels 
Remove Helm-specific labels & add version label
 2021-07-13 18:27:03 +01:00
Inteon
043bbd283e
remove helm-specific labels & add version label 
Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>
 2021-07-11 17:42:32 +02:00
Inteon
b852735a95
upgrade ginkgo & gomega 
Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>
 2021-07-10 20:52:09 +02:00
Inteon
cd92bf321f
centralise testing api-server & remove custom implementation 
Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>
 2021-07-06 16:13:44 +02:00
Inteon
fa07da9302
upgrade all tools to the latest version 
Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>
 2021-07-06 14:51:36 +02:00
Inteon
3177be515a
improve default flag values & other requested changes 
Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>
 2021-07-02 12:58:30 +02:00
Inteon
1c4b511876
basic install and uninstall functionality 
Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>
 2021-07-02 12:58:30 +02:00
Tamal Saha
2e721959b7 Use stable version of controller-runtime 
Signed-off-by: Tamal Saha <tamal@appscode.com>
 2021-06-09 03:51:01 -07:00
jetstack-bot
c1d7dcf8b5
Merge pull request #4007 from edglynes/3904_v2_API 
Update Aka issuer to use v2 API
 2021-05-21 12:34:25 +01:00
Tamal Saha
6789053681 Use gomodules.xyz/jsonpatch/v2 v2.2.0 
Signed-off-by: Tamal Saha <tamal@appscode.com>
 2021-05-19 09:24:58 -07:00
Edward Lynes
ef5c42d8a9 rebase master for PR 
Signed-off-by: Edward Lynes <elynes@akamai.com>
 2021-05-18 10:46:30 -04:00
Tamal Saha
2609aa51e1 Use gomodules.xyz/jsonpatch instead of mattbaird/jsonpatch 
Signed-off-by: Tamal Saha <tamal@appscode.com>
 2021-05-17 13:05:19 -07:00
Tamal Saha
6bfe640533 Update fakeSecretClient 
Signed-off-by: Tamal Saha <tamal@appscode.com>
 2021-05-17 08:52:59 -07:00
Tamal Saha
a744db675d Add comments for replace statements 
Signed-off-by: Tamal Saha <tamal@appscode.com>
 2021-05-17 08:11:19 -07:00
Tamal Saha
1b552a400d Use gopkg.in/yaml.v3 
Signed-off-by: Tamal Saha <tamal@appscode.com>
 2021-05-17 08:11:19 -07:00
Tamal Saha
01757dfaf2 Update dependencies 
Signed-off-by: Tamal Saha <tamal@appscode.com>
 2021-05-17 08:11:19 -07:00
Tamal Saha
7b63788f52 Cleanup codegen script 
Signed-off-by: Tamal Saha <tamal@appscode.com>
 2021-05-17 08:11:19 -07:00
Tamal Saha
b1cb6422e4 Use controller-runtime v0.9.0-beta.0 
Signed-off-by: Tamal Saha <tamal@appscode.com>
 2021-05-17 08:11:19 -07:00
Tamal Saha
da86194a9d Update to k8s 1.21.0 tool chain 
Signed-off-by: Tamal Saha <tamal@appscode.com>
 2021-05-17 08:11:19 -07:00
Edward Lynes
ecc552a7de Update Aka issuer to use v2 API 
Signed-off-by: Edward Lynes <elynes@akamai.com>
 2021-05-14 13:31:13 -04:00
Jake Sanders
79d8d9cb7b
Revert "Merge pull request #3724 from inteon/istio-virtualservice-for-http01" 
This reverts commit 80f27739b5, reversing
changes made to 96604d02a3.

Signed-off-by: Jake Sanders <i@am.so-aweso.me>
 2021-05-11 14:50:25 +01:00
irbekrm
e4554590d8 Fix new crypto fork replace directive comment 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-04-29 11:55:13 +01:00
Inteon
624e2b9e69 add ACME HTTP01 Istio support 
Signed-off-by: Inteon <42113979+inteon@users.noreply.github.com>
 2021-04-28 09:19:53 +02:00
irbekrm
d213b4bfdb Standardize deprecation warnings 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-04-12 09:38:49 +01:00
irbekrm
697836e446 Update comment for replace directive in go.mod 
Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-04-09 15:11:22 +01:00
irbekrm
09af959071 Issuer's ACME EAB algorithm can no longer be set 
It is hardcoded to HS256 in golang.org/x/crypto

Also, we now use a fork of golang.org/x/crypto
in cert-manager org.

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-04-09 10:28:19 +01:00
irbekrm
245d591dc3 reinstate line wrapping 
by bumping gopkg.in/yaml to v2.4.0

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-04-03 15:39:04 +01:00
irbekrm
62d4fb7384 Bumps go 1.15 -> 1.16 
Signed-off-by: irbekrm <irbekrm@gmail.com>

Runs ./hack/update-deps.sh

Signed-off-by: irbekrm <irbekrm@gmail.com>

get go_rules to download latest patch version of go

Signed-off-by: irbekrm <irbekrm@gmail.com>
 2021-04-02 10:21:39 +01:00
Richard Wall
308a0f4405 Upgrade to vcert 4.13.1 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2021-04-01 09:13:36 +01:00
joshvanl
191e448764 Updates go modules 
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
 2021-03-26 17:26:28 +00:00
Tharun
b4df9b3567 removed gorilla mux and used profiling util 
Signed-off-by: Tharun <rajendrantharun@live.com>
 2020-12-11 17:54:55 +05:30
Richard Wall
f3f321bbbc Update to vcert v4.11.0 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-10-08 15:02:50 +01:00
Maartje Eyskens
4d8a56466d Bump dependancies 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-09-25 14:27:26 +02:00
Richard Wall
b772f3295b Use cancellable contexts and errgroups 
...to control the starting and stopping of controllers and caches

Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-09-17 09:37:05 +01:00
jetstack-bot
6f2fc8e86e
Merge pull request #3166 from meyskens/k8s-119-rc 
Update k8s toolchain to 1.19.0
 2020-08-27 15:07:37 +01:00
Maartje Eyskens
47266ffbbc Implement feedback from review 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-27 14:46:28 +02:00
Richard Wall
b5719b94ce Bump Go version to 1.15 
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-08-27 11:40:14 +01:00
Maartje Eyskens
a160ba3186 Use k8s GA 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-27 09:08:11 +02:00
Maartje Eyskens
3a814e878b Run bazel updates 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-26 14:29:06 +02:00
Maartje Eyskens
7b85a72cb6 Use v0.19.0-rc.3 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-26 14:19:37 +02:00
Maartje Eyskens
14ea7c3f65 Update k8s toolchain to 0.19.0-rc.3 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-26 14:15:54 +02:00
Maartje Eyskens
8581837682 format go mod file 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-26 10:24:44 +02:00
Maartje Eyskens
2ba89496a4 Add note on fork 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-26 10:23:27 +02:00
Maartje Eyskens
90d6a54151 Add support for alternate certs with PrefferedChain in ACME 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-21 17:56:26 +02:00
Maartje Eyskens
454e83bb78 revert mistaken deps upgrades 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-12 10:59:42 +02:00
Maartje Eyskens
3259fdfe9b Implement feedback 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-12 10:59:42 +02:00
Maartje Eyskens
fecd0b3518 Set all log levels for info 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-12 10:59:41 +02:00
Maartje Eyskens
9dd00905e9 Update klog 
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>

klog v2

Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
 2020-08-12 10:59:41 +02:00
Richard Wall
b2ed0a2b92 Update to latest version of https://github.com/SSLMate/go-pkcs12 
This new version includes a
[pkcs12.DecodeChain](https://godoc.org/software.sslmate.com/src/go-pkcs12#DecodeChain)
which will help in testing https://github.com/jetstack/cert-manager/pull/3146

Signed-off-by: Richard Wall <richard.wall@jetstack.io>
 2020-08-07 17:26:59 +01:00