Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cview-issuer for cert-manager #1541

Merged
merged 9 commits into from
Sep 25, 2024
Merged

Conversation

djkormo
Copy link
Contributor

@djkormo djkormo commented Aug 25, 2024

New issuer has been created for cert-manager. It uses cview as dedicated CA. The website of this produkt product https://www.secure-ly.com/c-view-professional-certificates-lifecycle-management/ . Issuer is not open-sourced.

cview-issuser-1

Signed-off-by: Krzysztof Pudłowski <[email protected]>
@cert-manager-prow cert-manager-prow bot added dco-signoff: yes Indicates that all commits in the pull request have the valid DCO sign-off message. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Aug 25, 2024
Copy link

netlify bot commented Aug 25, 2024

Deploy Preview for cert-manager ready!

Built without sensitive environment variables

Name Link
🔨 Latest commit 1b44994
🔍 Latest deploy log https://app.netlify.com/sites/cert-manager/deploys/66f1cfd31feebf0008640134
😎 Deploy Preview https://deploy-preview-1541--cert-manager.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

Signed-off-by: Krzysztof Pudłowski <[email protected]>
Signed-off-by: Krzysztof Pudłowski <[email protected]>
@Dror1966
Copy link

Dror1966 commented Sep 1, 2024

Hi, Can you prioritize this issue?

Signed-off-by: Krzysztof Pudłowski <[email protected]>
@djkormo
Copy link
Contributor Author

djkormo commented Sep 3, 2024

@jakexks Please help me with this npm check. I do not understand why it is failed.

[spelling]     content/docs/configuration/issuers.md
[spelling]        18 | | 🥈   | cview-issuer                | [📄][config: 
[spelling]        18 | ig:cview-issuer]           | [Cview issuer][ca:cview-issuer]  

Signed-off-by: Krzysztof Pudłowski <[email protected]>
Signed-off-by: Krzysztof Pudłowski <[email protected]>
Signed-off-by: Krzysztof Pudłowski <[email protected]>
@djkormo
Copy link
Contributor Author

djkormo commented Sep 16, 2024

The spelling has been corrected.

@djkormo

This comment was marked as spam.

@djkormo djkormo marked this pull request as draft September 22, 2024 14:14
@cert-manager-prow cert-manager-prow bot added the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Sep 22, 2024
@djkormo

This comment was marked as spam.

@djkormo djkormo marked this pull request as ready for review September 22, 2024 14:17
@cert-manager-prow cert-manager-prow bot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Sep 22, 2024
@cert-manager-prow
Copy link
Contributor

@djkormo: you cannot LGTM your own PR.

In response to this:

/lgtm

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@djkormo djkormo removed their assignment Sep 22, 2024
@djkormo

This comment was marked as spam.

@djkormo

This comment was marked as spam.

@cert-manager-prow
Copy link
Contributor

@djkormo: GitHub didn't allow me to assign the following users: sorah.

Note that only cert-manager members with read permissions, repo collaborators and people who have commented on this issue/PR can be assigned. Additionally, issues/PRs can only have 10 assignees at the same time.
For more information please see the contributor guide

In response to this:

/assign @sorah

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@djkormo

This comment was marked as spam.

Copy link
Member

@SgtCoDFish SgtCoDFish left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey, thanks for contributing!

It looks like the deploy preview is showing a broken link for this. Looks like the ca:cview-issuer link hasn't been added.

Could you fix that? I'd be happy to merge then!

Screenshot 2024-09-23 at 15 01 43

@@ -15,6 +15,7 @@ The following list contains all known cert-manager issuer integrations.
| 🥈 | aws-privateca-issuer | [📄][config:aws-privateca-issuer] | [AWS Private Certificate Authority][ca:aws-privateca-issuer] | - | [✔️][release:aws-privateca-issuer] | ✔️ |
| 🥈 | ca-issuer (in-tree) | [📄][config:ca-issuer] | CA issuer | - | [✔️][release:cert-manager] | ✔️ |
| 🥈 | command-issuer | [📄][config:command-issuer] | [Keyfactor Command][ca:command-issuer] | - | [✔️][release:command-issuer] | ✔️ |
| 🥈 | cview-issuer | [📄][config:cview-issuer] | [cview-issuer][ca:cview-issuer] | - | [✔️][release:cview-issuer] | ❌ |
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you have a releases page? We have to make sure the issuer has had a release in the last 12 months.

Also, can you confirm the following (does not require a proof):

  • These issuers are known to support and honor approval.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is a release page for helm chart. But the release of issuer image is in a private repo.
Images for issuer are visible on docker hub . https://hub.docker.com/r/devsecurely/cview-issuer/tags

Signed-off-by: Krzysztof Pudłowski <[email protected]>
@cert-manager-prow cert-manager-prow bot added size/S Denotes a PR that changes 10-29 lines, ignoring generated files. and removed size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Sep 23, 2024
@djkormo djkormo requested a review from SgtCoDFish September 23, 2024 20:27
Signed-off-by: Krzysztof Pudłowski <[email protected]>
@djkormo djkormo requested a review from inteon September 23, 2024 20:35
Copy link
Member

@SgtCoDFish SgtCoDFish left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for updating the link, it looks correct now!

There's one last thing based on inteon's comment - can you confirm that your issuer honors approval?

That is, it will not issue for a cert request which is not marked "Approved"?

If your issuer is based on issuer-lib then it should handle approval. If it's more custom it might not, so we need to check!

Copy link
Member

@inteon inteon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve
/lgtm
/hold We can unhold once you confirm it does handle approval.

@cert-manager-prow cert-manager-prow bot added do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. lgtm Indicates that a PR is ready to be merged. labels Sep 24, 2024
@cert-manager-prow
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: djkormo, inteon

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@cert-manager-prow cert-manager-prow bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Sep 24, 2024
@djkormo
Copy link
Contributor Author

djkormo commented Sep 24, 2024

Code was written on the base from this repo
https://github.com/cert-manager/sample-external-issuer/tree/main

It does handle approval.

@djkormo djkormo requested a review from inteon September 24, 2024 19:43
@inteon
Copy link
Member

inteon commented Sep 25, 2024

/unhold

@cert-manager-prow cert-manager-prow bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Sep 25, 2024
@inteon inteon merged commit f8833a3 into cert-manager:master Sep 25, 2024
7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. dco-signoff: yes Indicates that all commits in the pull request have the valid DCO sign-off message. lgtm Indicates that a PR is ready to be merged. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants