Commit Graph

1286 Commits

Author SHA1 Message Date
Justin
351c01cf7e Do not allow pods in one namespace to create certificates for hostnames from another namespace. (#54)
* Do not allow pods in one namespace to create certificates for hostnames from another namespace.

* Make cluster domain configurable, clean up shouldMutate() logic, and make namespace restrictions configurable with restrictCertificatesToNamespace.

* Return certificate hostname validation errors in the admission webhook response.

* Appease the gometalinter.
2019-04-08 12:24:31 -07:00
Mariano Cano
89b25bfb90 Use update-go-jose branch of smallstep/cli 2019-04-05 13:04:44 -07:00
Mariano Cano
1812c0619a Update go-jose to 2.3.0.
This is a dependency for smallstep/cli#105, it will be solved once
square/go-jose#224 gets merged
2019-04-05 12:54:23 -07:00
max furman
d85a083ce2 Add version to git archive name 2019-04-05 11:38:43 -07:00
max furman
8c5b14b88c docs: Update distribution artifacts 2019-04-05 10:45:40 -07:00
Mariano Cano
888ef147fa Expose a way to update the transport. 2019-04-03 19:37:12 -07:00
Mariano Cano
c42265972a Add the autocert provisioner to the ca package. 2019-04-03 12:37:17 -07:00
Mariano Cano
7800f5960a Add test for GetCertificateRenewer 2019-04-03 11:53:04 -07:00
Mariano Cano
8d2de64811 Add method to get a certificate renewer. 2019-04-03 11:08:09 -07:00
Mariano Cano
27b6ac0a58 Add INT and TERM signal handler. 2019-04-03 11:07:11 -07:00
max furman
47eed2b914 forgot to add make target 2019-03-29 12:53:09 -07:00
max furman
464d1d4255 cli update 2019-03-29 12:39:48 -07:00
max furman
54af415d60 Add make archive for uploading source code tarball
* git default source code tarballs have a tendency of changing shasums
2019-03-29 12:37:58 -07:00
Mariano Cano
760117adf6 Fix links and typos. 2019-03-28 16:35:20 -07:00
Mariano Cano
3b2518a106 Update kubectl version. 2019-03-28 12:29:01 -07:00
Mariano Cano
efb2a725a8 Add controller missing dependencies 2019-03-28 12:21:07 -07:00
Mariano Cano
c099795122 Revert use latest version as it does not yet exists. 2019-03-28 11:28:39 -07:00
Mariano Cano
72eb069baf Fix typo
Fixes #43
2019-03-28 11:01:01 -07:00
Mariano Cano
35d09faaa0 Add link to docker.md 2019-03-27 13:05:58 -07:00
Mariano Cano
ce54927dab Use latest tag. 2019-03-27 12:02:27 -07:00
Mariano Cano
620abc538f Fix comment. 2019-03-27 12:02:18 -07:00
Mariano Cano
1d022f1f6b Add latest tag to release builds
Fixes #47
2019-03-27 11:35:17 -07:00
Mariano Cano
f1dacc6b57 Remove deprecated script. 2019-03-27 11:04:51 -07:00
Mariano Cano
b5d67ab129 Remove exposed port, it depends on the configuration. 2019-03-27 11:02:33 -07:00
Mariano Cano
1579a87cc6 Remove unnecessary file. 2019-03-27 10:49:46 -07:00
Max
8b2de42e9c
Merge pull request #58 from smallstep/seb/oidc-docs 2019-03-27 09:36:55 -07:00
Mariano Cano
2f661c0941 Update docker images and add docs on how to run step-ca on docker.
Fixes #48
2019-03-26 19:00:13 -07:00
max furman
1bb25b5171 update cli dep | update release docs 2019-03-26 15:06:38 -07:00
Sebastian Tiedtke
fab5f01cc5 Use personal cert 2019-03-26 15:01:59 -07:00
max furman
f75a52d55b A few fixes to the OIDC provisioner docs 2019-03-26 14:43:06 -07:00
Sebastian Tiedtke
52f09605f4 Typo 2019-03-26 14:04:34 -07:00
Sebastian Tiedtke
bf9bb7f9a1 Add closing note 2019-03-26 13:47:01 -07:00
Sebastian Tiedtke
725db1e127 Add docs for OIDC with Gsuite 2019-03-26 13:44:31 -07:00
Mariano Cano
2f2e748aca Use Go 1.12 2019-03-25 16:19:33 -07:00
Mariano Cano
eacd2122d0 Use cli master dependency 2019-03-25 15:58:22 -07:00
Mariano Cano
04da00d716
Merge pull request #55 from smallstep/x509util-real-x509
Use standard x509 creating signed certificates
2019-03-25 15:50:57 -07:00
Mariano Cano
5b8b9ff768
Merge pull request #56 from smallstep/time-duration
TimeDuration support in sign requests.
2019-03-25 14:31:46 -07:00
Mariano Cano
7b9e08bcfa Fix comment. 2019-03-25 14:18:46 -07:00
Mariano Cano
64f2615864 Fix tests. 2019-03-25 12:35:21 -07:00
Mariano Cano
6d92ba75b9 Don't use pointer in TimeDuration.MarshalJSON 2019-03-25 12:34:01 -07:00
Mariano Cano
698058baa9 Add tests for TimeDuration. 2019-03-25 12:05:34 -07:00
Mariano Cano
00fed1c538 Add initial version of time duration support in sign requests. 2019-03-22 18:55:28 -07:00
Sebastian Tiedtke
7b1f4a43cf
Added example for custom claims (#39)
Add docs and examples for custom claims
2019-03-22 12:16:56 -07:00
Mariano Cano
8c8547bf65 Remove unnecessary parse and improve tests. 2019-03-20 18:11:45 -07:00
Mariano Cano
da7360e445 Use x509util-real-x509 branch of cli 2019-03-20 17:44:59 -07:00
Mariano Cano
b9530909a4 Fix tests. 2019-03-20 17:41:37 -07:00
Mariano Cano
a3e2b4a552 Move certificate check to the right place. 2019-03-20 17:36:45 -07:00
Mariano Cano
30a6889d1f Use standard x509 instead of step one. 2019-03-20 17:12:52 -07:00
Mariano Cano
6b6d61df65
Merge pull request #53 from smallstep/claims-omitempty
Proper omitempty on claims
2019-03-19 18:44:37 -07:00
Mariano Cano
68ff077ea9 Improve tests. 2019-03-19 15:31:14 -07:00