Note that using ed25519 on the public internet is not currently
recommended, since it's not widely supported. You'd likely not be able
to use an Ed25519 cert with an ACME issuer today.
Ed25519 certs might be useful for internal PKI, though - an ed25519 CA
issuer, say - or for testing ed25519 certs before they become more
widely available on the public internet. They're not currently
supported by Vault, Venafi or ACME (Letsencrypt) issuers.
Signed-off-by: Anner J. Bonilla <abonilla@hoyosintegrity.com>
Signed-off-by: Anner J. Bonilla <annerjb@gmail.com>
Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
pkg/ctl/scheme.go:17:1: package comment should be of the form "Package ctl ..."
pkg/issuer/acme/dns/acmedns/acmedns.go:43:2: var accountJson should be accountJSON
pkg/issuer/acme/dns/acmedns/acmedns.go:50:43: func parameter accountJson should be accountJSON
pkg/controller/certificates/trigger/policies/policies.go:57:1: comment on exported type Chain should be of the form "Chain ..." (with optional leading article)
pkg/controller/ingress-shim/sync.go:36:2: package "github.com/jetstack/cert-manager/pkg/logs" is being imported more than once (ST1019)
pkg/controller/ingress-shim/sync.go:37:2: other import of "github.com/jetstack/cert-manager/pkg/logs"
Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
fixes the following issues:
pkg/controller/acmeorders/util.go:84:6 deadcode `hashChallenge` is unused
pkg/controller/certificaterequests/approver/approver.go:72:14 staticcheck SA4021: x = append(y) is equivalent to x = y
pkg/controller/certificaterequests/vault/vault_test.go:535:21 errcheck Error return value of `controller.Register` is not checked
pkg/controller/certificates/trigger/policies/policies.go:121:26 gosimple S1039: unnecessary use of fmt.Sprintf
pkg/controller/clusterissuers/sync_test.go:55:12 errcheck Error return value of `c.Register` is not checked
pkg/controller/ingress-shim/sync.go:301:2 gosimple S1005: unnecessary assignment to the blank identifier
Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
pkg/controller/certificates/trigger/trigger_controller_test.go:257:12: if block ends with a return statement, so drop this else and outdent its block
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
pkg/controller/certificates/revisionmanager/revisionmanager_controller.go:51:2: var certificateGvk is unused (U1000)
Signed-off-by: Richard Wall <richard.wall@jetstack.io>
The cert-manager team tends to use the word "certificate" for two very
different contexts:
1. sometimes, we use the word "certificate" to refer to a X.509
certificate (a blob of ASN.1-encoded data and then PEM-formated);
2. and sometimes we refer to "certificate" as one item of the Kubernetes
custom resource /apis/cert-manager.io/v1/certificates.
This commit makes sure the reader understands that we are talking about
the Kubernetes object here.
Signed-off-by: Maël Valais <mael@vls.dev>
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>
The log message:
multiple CertificateRequests found for the 'next' revision 2,
skipping issuance until no more duplicate.
can be better phrased as:
multiple CertificateRequests are found for the 'next' revision 2,
issuance is skipped until there are no more duplicates.
Signed-off-by: Maël Valais <mael@vls.dev>
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>
Note that I had initially made createCryptoBundle public since I found
it inconvenient to have to pass a testing.T when we know that we should
never be failing inside this func (I mean, the failure zould not be due
to a wrong test case).
After a comment from Maartje, I realize that I could just use an anonymous
function for that purpose.
Signed-off-by: Maël Valais <mael@vls.dev>
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>
It was set to a pointer value instead of the actual int value.
Signed-off-by: Maël Valais <mael@vls.dev>
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>
