weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
6,746 Commits 45 Branches 0 Tags 96 MiB
Go 96.2%
Makefile 2.6%
Shell 1%
Smarty 0.1%
d384aef754
Go to file
irbekrm d384aef754 Enforce minimum value of experimental.cert-manager.io/request-duration to 600s 
To ensure compatibility with CSR's spec.expirationSeconds

Signed-off-by: irbekrm <irbekrm@gmail.com>
2022-03-22 18:04:21 +00:00
.github add reminder about kinds 2022-01-24 16:53:08 +00:00
build rename all uses of github.com/jetstack/cert-manager 2022-02-02 09:08:31 +00:00
cmd Use Kubernetes CSR spec.expirationSeconds to express cert duration 2022-03-21 09:40:32 -04:00
deploy Merge pull request #4953 from ajvn/feature/allow-privilege-escalation 2022-03-22 11:01:47 +00:00
design Merge pull request #4758 from JoshVanL/design-server-side-apply 2022-03-22 10:14:46 +00:00
devel Merge pull request #4914 from maelvls/install.mk 2022-03-17 09:00:35 +00:00
docs Remove docs/ directory and replace with basic README 2020-01-20 14:53:02 +00:00
hack Merge pull request #4958 from irbekrm/tsig_provider 2022-03-22 12:18:51 +00:00
internal Rename issuanceAttempts -> failedIssuanceAttempts 2022-03-21 07:33:51 +00:00
logo
make add a build source indicator to metadata 2022-03-21 21:37:03 +00:00
pkg Enforce minimum value of experimental.cert-manager.io/request-duration to 600s 2022-03-22 18:04:21 +00:00
test Merge pull request #4772 from irbekrm/exp_backoff 2022-03-21 20:31:23 +00:00
tools rename all uses of github.com/jetstack/cert-manager 2022-02-02 09:08:31 +00:00
.bazelrc support user.bazelrc 2022-02-11 10:41:30 +01:00
.gitignore support user.bazelrc 2022-02-11 10:41:30 +01:00
.krew.yaml rename all uses of github.com/jetstack/cert-manager 2022-02-02 09:08:31 +00:00
BUILD.bazel bazel: ignore .go files in make/ and bin/ 2022-03-13 12:32:08 +01:00
CODE_OF_CONDUCT.md update old references to replaced/obsolete email addresses 2021-05-20 18:05:02 +01:00
CONTRIBUTING.md Simplify the CONTRIBUTING.md document 2022-03-10 10:57:59 +00:00
go.mod Merge pull request #4958 from irbekrm/tsig_provider 2022-03-22 12:18:51 +00:00
go.sum Merge pull request #4958 from irbekrm/tsig_provider 2022-03-22 12:18:51 +00:00
LICENSE
LICENSES Code review comments 2022-03-21 07:33:51 +00:00
Makefile make: add the targets 'e2e-setup-kind', 'e2e-setup-kind', and 'e2e' 2022-03-13 12:32:08 +01:00
OWNERS add jahrlin to OWNERS 2021-12-14 13:28:42 +01:00
README.md readme: link to the contributing guide directly 2022-03-10 11:44:22 +00:00
ROADMAP.md Add a roadmap for the project 2020-10-21 15:57:53 +01:00
SECURITY_CONTACTS.md add @munnerz to SECURITY_CONTACTS.md 2021-05-05 17:35:10 +01:00
SECURITY.md improve language in SECURITY file post-migration 2022-02-15 12:18:00 +00:00
USERS.md rework USERS doc 2022-02-15 10:26:30 +00:00
WORKSPACE Bumps Bazel deps and ingress-nginx test image version 2021-09-30 10:14:05 +01:00
workspace.bzl Code review feedback 2021-09-30 17:23:42 +01:00

README.md

Build Status Go Report Card
Artifact Hub

cert-manager

cert-manager is a Kubernetes add-on to automate the management and issuance of TLS certificates from various issuing sources.

It will ensure certificates are valid and up to date periodically, and attempt to renew certificates at an appropriate time before expiry.

It is loosely based upon the work of kube-lego and has borrowed some wisdom from other similar projects e.g. kube-cert-manager.

cert-manager high level overview diagram

Documentation

Documentation for cert-manager can be found at cert-manager.io. Please make sure to select the correct version of the documentation to view on the top right of the page.

Issues and PRs towards the documentation should be filed in the website repo.

For the common use-case of automatically issuing TLS certificates to Ingress resources, aka a kube-lego replacement, see the cert-manager nginx ingress quick start guide.

See Installation within the documentation for installation instructions.

Troubleshooting

If you encounter any issues whilst using cert-manager, we have a number of places you can use to try and get help.

First of all we recommend looking at the troubleshooting guide of our documentation.

The quickest way to ask a question is to first post on our Slack channel (#cert-manager) on the Kubernetes Slack. There are a lot of community members in this channel, and you can often get an answer to your question straight away!

You can also try searching for an existing issue. Properly searching for an existing issue will help reduce the number of duplicates, and help you find the answer you are looking for quicker.

Please also make sure to read through the relevant pages in the documentation before opening an issue. You can also search the documentation using the search box on the top left of the page.

If you believe you have encountered a bug, and cannot find an existing issue similar to your own, you may open a new issue. Please be sure to include as much information as possible about your environment.

Community

The cert-manager-dev Google Group is used for project wide announcements and development coordination. Anybody can join the group by visiting here and clicking "Join Group". A Google account is required to join the group.

Bi-weekly Development Meeting

Once you've joined the cert-manager-dev Google Group, you should receive an invite to the bi-weekly development meeting, hosted every other Wednesday at 5pm London time on Google Meet.

Anyone is welcome to join these calls, even if just to ask questions. Meeting notes are recorded in Google docs.

Daily Standups

You are also welcome to join our daily standup every weekday at 10.30am London time on Google Meet. For more information, see cert-manager.io.

Contributing

We welcome pull requests with open arms! There's a lot of work to do here, and we're especially concerned with ensuring the longevity and reliability of the project. The contributing guide will help you get started.

Coding Conventions

Code style guidelines are documented on the coding conventions page of the cert-manager website. Please try to follow those guidelines if you're submitting a pull request for cert-manager.

Importing cert-manager as a Module

⚠️ Please note that cert-manager does not currently provide a Go module compatibility guarantee. That means that most code under pkg/ is subject to change in a breaking way, even between minor or patch releases and even if the code is currently publicly exported.

The lack of a Go module compatibility guarantee does not affect API version guarantees under the Kubernetes Deprecation Policy.

For more details see Importing cert-manager in Go on the cert-manager website.

The import path for cert-manager versions 1.8 and later is github.com/cert-manager/cert-manager.

For all versions of cert-manager before 1.8, including minor and patch releases, the import path is github.com/jetstack/cert-manager.

Security Reporting

Security is the number one priority for cert-manager. If you think you've found a security vulnerability, we'd love to hear from you.

Please follow the instructions in SECURITY.md to report a vulnerability to the team.

Changelog

The list of releases is the best place to look for information on changes between releases.

Logo design by Zoe Paterson