Commit Graph

124 Commits

Author SHA1 Message Date
Tim Allclair
9d3670f358 Ensure testing credentials are labeled as such 2020-02-04 10:36:05 -08:00
David Eads
5c2d2c5ef1 rename dynamic cert loading to be more accurate 2020-01-22 15:00:46 -05:00
David Eads
6ccfc3aecf add dynamic reloading for CSR signing controllers 2020-01-22 15:00:46 -05:00
Jordan Liggitt
054e3846fc Use v1 subjectaccessreview API in controller-manager CSR approver 2020-01-13 15:55:52 -05:00
danielqsj
5bc0e26c19 unify alias of api errors under pkg and staging 2019-12-26 16:42:28 +08:00
yuxiaobo
81e9f21f83 Correct spelling mistakes
Signed-off-by: yuxiaobo <yuxiaobogo@163.com>
2019-11-06 20:25:19 +08:00
Mike Danese
6a004d0c18 support URI SANs in local signer 2019-11-04 10:56:06 -08:00
Mike Danese
fe51712288 refactor into seperate authority package 2019-11-04 10:56:06 -08:00
Mike Danese
4bd2c3998f don't use cfssl in signer 2019-11-04 10:56:06 -08:00
Ryan Phillips
f87da3fdfa fixes for tests to pass with FIPS compiler
* use P256 ECDSA key since P224 is not supported
* regen test certs to be 2048bits
2019-10-30 10:10:11 -05:00
wojtekt
7b6bcdf780 Autogenerated code 2019-10-24 20:21:00 +02:00
Yassine TIJANI
c1487840bc move util/metrics to component-base
Signed-off-by: Yassine TIJANI <ytijani@vmware.com>
2019-10-08 14:42:31 +02:00
David Eads
e8b5781499 add identification for particular certificate controllers 2019-09-03 14:05:04 -04:00
Yassine TIJANI
7e4c3096fe move WaitForCacheSync to the sharedInformer package
Signed-off-by: Yassine TIJANI <ytijani@vmware.com>
2019-08-22 16:13:41 +01:00
David Xia
fabfd950b1
cleanup: fix some log and error capitalizations
Part of https://github.com/kubernetes/kubernetes/issues/15863
2019-07-20 18:26:16 -04:00
SataQiu
3c35e4e2d6 fix golint failures of pkg/controller/certificates/approver 2019-05-02 10:37:38 +08:00
stewart-yu
ecbd5427e7 auto-generated file 2019-03-02 12:55:26 +08:00
stewart-yu
e01ff1641c move config local to every controllers in kube-controller-manager 2019-03-02 12:54:33 +08:00
Jordan Liggitt
d1e865ee34 Update client callers to use explicit versions 2019-02-26 08:36:30 -05:00
Kubernetes Prow Robot
9fcbf02dca
Merge pull request #74044 from danielqsj/dr
fix the disruption-recheck metrics register error
2019-02-21 20:51:01 -08:00
danielqsj
687d759e36 fix more metrics rergister errors 2019-02-22 10:20:09 +08:00
Kubernetes Prow Robot
808f2cf0ef
Merge pull request #72525 from justinsb/owners_should_not_be_executable
Remove executable file permission from OWNERS files
2019-02-14 23:55:45 -08:00
Kubernetes Prow Robot
b50c643be0
Merge pull request #73540 from rlenferink/patch-5
Updated OWNERS files to include link to docs
2019-02-08 09:05:56 -08:00
Roy Lenferink
b43c04452f Updated OWNERS files to include link to docs 2019-02-04 22:33:12 +01:00
David Eads
179dc4ca43 csr signer has no need to sign certificates for a duration longer than the signer itself 2019-02-04 13:22:17 -05:00
Justin SB
dd19b923b7
Remove executable file permission from OWNERS files 2019-01-11 16:42:59 -08:00
k8s-ci-robot
1a9fd268a9
Merge pull request #71005 from mikedanese/certpubfix
rootcacertpublisher: trigger resync on namespace add and update
2018-11-14 11:38:07 -08:00
WanLinghao
fb3d1caf9b fix a typo error imported by https://github.com/kubernetes/kubernetes/pull/68812 2018-11-13 13:23:10 -08:00
Mike Danese
bf02f55147 rootcacertpublisher: trigger resync on namespace add and update
Last cleanup was a bit overzealous.
2018-11-13 11:38:45 -08:00
Mike Danese
206f5892a7 combine syncs in rootcacertpublisher
and some misc simplifications.
2018-11-11 11:29:32 -08:00
Davanum Srinivas
954996e231
Move from glog to klog
- Move from the old github.com/golang/glog to k8s.io/klog
- klog as explicit InitFlags() so we add them as necessary
- we update the other repositories that we vendor that made a similar
change from glog to klog
  * github.com/kubernetes/repo-infra
  * k8s.io/gengo/
  * k8s.io/kube-openapi/
  * github.com/google/cadvisor
- Entirely remove all references to glog
- Fix some tests by explicit InitFlags in their init() methods

Change-Id: I92db545ff36fcec83afe98f550c9e630098b3135
2018-11-10 07:50:31 -05:00
Mike Danese
1469bb413e finish controller name change and don't double check feature flag 2018-11-08 15:51:49 -08:00
k8s-ci-robot
3f5db92840
Merge pull request #68812 from WanLinghao/token_projection_ca_secret_create
Create Ca-certificate configmap  used by token projected volume
2018-11-08 10:57:25 -08:00
WanLinghao
efac533f92 To inject ca.crt into container when projected volume was specified, configmap should be created in each namespace.
This patch add a controller called "root-ca-cert-publisher" to complete above job as well as some bootstrap rbac policies.
2018-11-08 11:33:47 +08:00
Jordan Liggitt
4ebe084376 certificates subproject approvers/reviewers 2018-11-06 00:57:38 -05:00
Guoliang Wang
b1ac6df4dc remove unused code of (pkg/controller) 2018-10-09 08:15:30 +08:00
chentao1596
e640e76a8a UT case of certificate_controller 2018-07-14 16:40:08 +08:00
Cao Shufeng
855842c468 optimize certificate cleaner
No need to parse certificates for every conditions
2018-07-12 18:59:03 +08:00
Jeff Grafton
23ceebac22 Run hack/update-bazel.sh 2018-06-22 16:22:57 -07:00
Kubernetes Submit Queue
7eb88f11d2
Merge pull request #59727 from wgliang/master.time
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

should use time.Since instead of time.Now().Sub

**What this PR does / why we need it**:
should use time.Since instead of time.Now().Sub

**Special notes for your reviewer**:
2018-05-10 20:29:40 -07:00
Andrew Lytvynov
ff85d34d4e Add awly as reviewer in several subtrees 2018-04-18 12:22:04 -07:00
Mike Danese
7665f15b7d sarapprover: remove self node cert
The functionality to bootstrap node certificates is ready but is blocked
by a seperable issue discussed in:
https://github.com/kubernetes/community/pull/1982. The functionality
could be useful for power users who want to write their own approvers if
the feature could be promoted to beta. In it's current state this
feature doesn't help anybody.

I propose that we remove automated approval of node serving certificates
for now and work towards getting the node functionality to beta.
2018-04-13 11:23:51 -07:00
Wang Guoliang
89669283fe should use time.Since instead of time.Now().Sub 2018-04-10 12:05:51 +08:00
Mikhail Mazurskiy
468655b76a
Use typed events client directly 2018-04-01 18:57:29 +10:00
Jeff Grafton
ef56a8d6bb Autogenerated: hack/update-bazel.sh 2018-02-16 13:43:01 -08:00
Kubernetes Submit Queue
e740fe68c5
Merge pull request #58264 from WanLinghao/log_fix
Automatic merge from submit-queue (batch tested with PRs 59441, 58264, 59287, 59396, 59439). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

	fix some log param error

this patch fix some log parameter mistakes.



**What this PR does / why we need it**:

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note 
/release-note-none
```
2018-02-06 20:27:36 -08:00
WanLinghao
70ef581ecc fix some log param error
modified:   pkg/cloudprovider/providers/vsphere/vsphere_util.go
	modified:   pkg/controller/certificates/cleaner/cleaner.go
	modified:   pkg/controller/volume/pvcprotection/pvc_protection_controller.go
	modified:   pkg/volume/azure_dd/azure_mounter.go
2018-01-26 12:16:00 +08:00
Jordan Liggitt
4b9f00988b
Switch from juju/ratelimit to golang.org/x/time/rate 2018-01-19 11:48:52 -05:00
Jeff Grafton
efee0704c6 Autogenerate BUILD files 2017-12-23 13:12:11 -08:00
Mike Danese
0e0f8346e7 sarapprover: increase base delay of per item rate limit
from 5 miliseconds to 1 second
2017-11-16 11:27:06 -08:00