weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
1678d0833e
cert-manager/pkg/controller/certificaterequests/selfsigned/BUILD.bazel
Ashley Davis 5e31fa37ff
selfsigned: warn when certs have empty issuer DNs 
as raised in#3634 - RFC 5280 states that the issuer field cannot be
empty, but this could easily happen with selfsigned certs which had
an empty subject (as the issuer matches the subject when the cert is
self signed)

this commit detects when a cert would be issued selfsigned with an
empty subject DN and emits a warning event, allowing cluster operators
to detect the warning and potentially either re-issue to generate a
compliant cert, or else accept the risk.

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
2021-03-26 11:51:46 +00:00

62 lines
2.2 KiB
Python
Raw Blame History

load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
go_library(
name = "go_default_library",
srcs = ["selfsigned.go"],
importpath = "github.com/jetstack/cert-manager/pkg/controller/certificaterequests/selfsigned",
visibility = ["//visibility:public"],
deps = [
"//pkg/api/util:go_default_library",
"//pkg/apis/certmanager/v1:go_default_library",
"//pkg/controller:go_default_library",
"//pkg/controller/certificaterequests:go_default_library",
"//pkg/controller/certificaterequests/util:go_default_library",
"//pkg/issuer:go_default_library",
"//pkg/logs:go_default_library",
"//pkg/util/errors:go_default_library",
"//pkg/util/kube:go_default_library",
"//pkg/util/pki:go_default_library",
"@io_k8s_api//core/v1:go_default_library",
"@io_k8s_apimachinery//pkg/api/errors:go_default_library",
"@io_k8s_client_go//listers/core/v1:go_default_library",
"@io_k8s_client_go//tools/record:go_default_library",
],
)
go_test(
name = "go_default_test",
srcs = ["selfsigned_test.go"],
embed = [":go_default_library"],
deps = [
"//pkg/api/util:go_default_library",
"//pkg/apis/certmanager:go_default_library",
"//pkg/apis/certmanager/v1:go_default_library",
"//pkg/apis/meta/v1:go_default_library",
"//pkg/controller/certificaterequests:go_default_library",
"//pkg/controller/test:go_default_library",
"//pkg/util/pki:go_default_library",
"//test/unit/gen:go_default_library",
"//test/unit/listers:go_default_library",
"@io_k8s_api//core/v1:go_default_library",
"@io_k8s_apimachinery//pkg/apis/meta/v1:go_default_library",
"@io_k8s_apimachinery//pkg/runtime:go_default_library",
"@io_k8s_client_go//listers/core/v1:go_default_library",
"@io_k8s_client_go//testing:go_default_library",
"@io_k8s_utils//clock/testing:go_default_library",
],
)
filegroup(
name = "package-srcs",
srcs = glob(["**"]),
tags = ["automanaged"],
visibility = ["//visibility:private"],
)
filegroup(
name = "all-srcs",
srcs = [":package-srcs"],
tags = ["automanaged"],
visibility = ["//visibility:public"],
)
Reference in New Issue View Git Blame Copy Permalink