diff --git a/README.md b/README.md
index 55e3383..519256f 100644
--- a/README.md
+++ b/README.md
@@ -19,6 +19,7 @@ The documentation for this extension can be found [here](https://quarkiverse.git
| Quarkus Cert-Manager Version | Quarkus Version |
|---|---|
+| 0.1.0 | Quarkus 3+ |
| 0.0.2 | Quarkus 2.12+ |
| 0.0.1 | Quarkus 2.12+ |
diff --git a/deployment/pom.xml b/deployment/pom.xml
index b15293e..6f7c73b 100644
--- a/deployment/pom.xml
+++ b/deployment/pom.xml
@@ -29,7 +29,10 @@
io.dekorate
certmanager-annotations
- noapt
+
+
+
+ 3.5.5
io.dekorate
diff --git a/deployment/src/main/java/io/quarkiverse/certmanager/deployment/CertManagerProcessor.java b/deployment/src/main/java/io/quarkiverse/certmanager/deployment/CertManagerProcessor.java
index 5728c04..d766080 100644
--- a/deployment/src/main/java/io/quarkiverse/certmanager/deployment/CertManagerProcessor.java
+++ b/deployment/src/main/java/io/quarkiverse/certmanager/deployment/CertManagerProcessor.java
@@ -54,12 +54,15 @@ public class CertManagerProcessor {
private static final Logger LOGGER = Logger.getLogger(CertManagerProcessor.class);
@BuildStep
- FeatureBuildItem feature(Capabilities capabilities, ApplicationInfoBuildItem applicationInfo, CertificateConfig config,
+ public FeatureBuildItem feature(Capabilities capabilities, ApplicationInfoBuildItem applicationInfo,
+ CertificateConfig config,
BuildProducer configurationSupplier,
BuildProducer decorators) {
validate(config);
- configureDekorateToGenerateCertManagerResources(config, configurationSupplier);
- configureSecuredEndpoints(capabilities, applicationInfo, config, decorators);
+ String name = getResourceName(capabilities, applicationInfo);
+
+ configureDekorateToGenerateCertManagerResources(name, config, configurationSupplier);
+ configureSecuredEndpoints(name, capabilities, config, decorators);
return new FeatureBuildItem(FEATURE);
}
@@ -74,36 +77,36 @@ private void validate(CertificateConfig config) {
}
}
- private static void configureSecuredEndpoints(Capabilities capabilities, ApplicationInfoBuildItem applicationInfo,
- CertificateConfig config, BuildProducer decorators) {
+ private static void configureSecuredEndpoints(String name, Capabilities capabilities, CertificateConfig config,
+ BuildProducer decorators) {
if (config.autoconfigure() == AutoConfigureMode.NONE) {
return;
}
if (config.autoconfigure() == AutoConfigureMode.AUTOMATIC) {
if (isOpenShift(capabilities) && isRouteExposed()) {
- configureRouteTsl(capabilities, applicationInfo, config, decorators);
+ configureRouteTsl(name, config, decorators);
} else if (isIngressExposed()) {
- configureIngressTsl(capabilities, applicationInfo, config, decorators);
+ configureIngressTsl(name, config, decorators);
} else {
configureQuarkusHttpSsl(config, decorators);
}
} else if (config.autoconfigure() == AutoConfigureMode.ALL) {
configureQuarkusHttpSsl(config, decorators);
if (isOpenShift(capabilities) && isRouteExposed()) {
- configureRouteTsl(capabilities, applicationInfo, config, decorators);
+ configureRouteTsl(name, config, decorators);
}
if (isIngressExposed()) {
- configureIngressTsl(capabilities, applicationInfo, config, decorators);
+ configureIngressTsl(name, config, decorators);
}
} else if (config.autoconfigure() == AutoConfigureMode.CLUSTER_ONLY) {
if (isOpenShift(capabilities) && isRouteExposed()) {
- configureRouteTsl(capabilities, applicationInfo, config, decorators);
+ configureRouteTsl(name, config, decorators);
}
if (isIngressExposed()) {
- configureIngressTsl(capabilities, applicationInfo, config, decorators);
+ configureIngressTsl(name, config, decorators);
}
} else if (config.autoconfigure() == AutoConfigureMode.HTTPS_ONLY) {
configureQuarkusHttpSsl(config, decorators);
@@ -143,39 +146,35 @@ private static void configureQuarkusHttpSsl(CertificateConfig config, BuildProdu
}
}
- private static void configureRouteTsl(Capabilities capabilities, ApplicationInfoBuildItem applicationInfo,
- CertificateConfig certificateConfig, BuildProducer decorators) {
+ private static void configureRouteTsl(String name, CertificateConfig certificateConfig,
+ BuildProducer decorators) {
if (certificateConfig.issuerRef().isPresent()) {
String issuerName = certificateConfig.issuerRef().get().name();
- if (CLUSTER_ISSUER.equals(certificateConfig.issuerRef().get().kind())) {
- addAnnotationIntoRoute(CertManagerAnnotations.CLUSTER_ISSUER, issuerName, capabilities, applicationInfo,
- decorators);
+ Optional kind = certificateConfig.issuerRef().get().kind();
+ if (kind.isPresent() && CLUSTER_ISSUER.equals(kind.get())) {
+ addAnnotationIntoRoute(name, CertManagerAnnotations.CLUSTER_ISSUER, issuerName, decorators);
} else {
- addAnnotationIntoRoute(CertManagerAnnotations.ISSUER, issuerName, capabilities, applicationInfo, decorators);
+ addAnnotationIntoRoute(name, CertManagerAnnotations.ISSUER, issuerName, decorators);
}
} else {
- addAnnotationIntoRoute(CertManagerAnnotations.ISSUER, getResourceName(capabilities, applicationInfo),
- capabilities, applicationInfo, decorators);
+ addAnnotationIntoRoute(name, CertManagerAnnotations.ISSUER, name, decorators);
}
}
- private static void configureIngressTsl(Capabilities capabilities, ApplicationInfoBuildItem applicationInfo,
- CertificateConfig certificateConfig,
+ private static void configureIngressTsl(String name, CertificateConfig certificateConfig,
BuildProducer decorators) {
String[] tlsHosts = certificateConfig.dnsNames().map(l -> l.toArray(new String[0])).orElse(new String[0]);
decorators.produce(new DecoratorBuildItem(KUBERNETES,
- new AddIngressTlsDecorator(getResourceName(capabilities, applicationInfo),
+ new AddIngressTlsDecorator(name,
new IngressBuilder()
.withTlsSecretName(certificateConfig.secretName())
.withTlsHosts(tlsHosts)
.build())));
}
- private static void addAnnotationIntoRoute(String annotation, String value, Capabilities capabilities,
- ApplicationInfoBuildItem applicationInfo,
+ private static void addAnnotationIntoRoute(String name, String annotation, String value,
BuildProducer decorators) {
- decorators.produce(new DecoratorBuildItem(OPENSHIFT_GROUP,
- new AddAnnotationDecorator(getResourceName(capabilities, applicationInfo), annotation, value, ROUTE)));
+ decorators.produce(new DecoratorBuildItem(OPENSHIFT_GROUP, new AddAnnotationDecorator(name, annotation, value, ROUTE)));
}
private static void configureQuarkusHttpSslWithKeystore(CertificateConfig config, KeystoreType type,
@@ -196,16 +195,16 @@ private static void configureQuarkusHttpSslWithKeystore(CertificateConfig config
}
- private static void configureDekorateToGenerateCertManagerResources(CertificateConfig config,
+ private static void configureDekorateToGenerateCertManagerResources(String name, CertificateConfig config,
BuildProducer configurationSupplier) {
configurationSupplier.produce(
new ConfigurationSupplierBuildItem(
new PropertyConfiguration(
CertificateConfigAdapter.newBuilder(
- CertManagerConfigUtil.transformToDekorateProperties(config)))));
+ CertManagerConfigUtil.transformToDekorateProperties(name, config)))));
}
- public static String getResourceName(Capabilities capabilities, ApplicationInfoBuildItem info) {
+ private static String getResourceName(Capabilities capabilities, ApplicationInfoBuildItem info) {
Config config = ConfigProvider.getConfig();
Optional resourceName;
if (isOpenShift(capabilities)) {
diff --git a/deployment/src/main/java/io/quarkiverse/certmanager/deployment/utils/CertManagerConfigUtil.java b/deployment/src/main/java/io/quarkiverse/certmanager/deployment/utils/CertManagerConfigUtil.java
index 5bb5141..becd7c5 100644
--- a/deployment/src/main/java/io/quarkiverse/certmanager/deployment/utils/CertManagerConfigUtil.java
+++ b/deployment/src/main/java/io/quarkiverse/certmanager/deployment/utils/CertManagerConfigUtil.java
@@ -16,14 +16,13 @@
public final class CertManagerConfigUtil {
private static final String QUARKUS_PREFIX = "quarkus.certificate.";
- private static final String DEKORATE_PREFIX = "dekorate.certificate.";
private static final String MULTIPART_SEPARATOR_PATTERN = Pattern.quote(".");
private CertManagerConfigUtil() {
}
- public static Map transformToDekorateProperties(CertificateConfig certificateConfig) {
+ public static Map transformToDekorateProperties(String name, CertificateConfig certificateConfig) {
Config config = ConfigProvider.getConfig();
Map certificateProperties = StreamSupport.stream(config.getPropertyNames().spliterator(), false)
.filter(k -> k.startsWith(QUARKUS_PREFIX))
@@ -33,6 +32,8 @@ public static Map transformToDekorateProperties(CertificateConfi
// workaround to deal with properties that are Optional>. ConfigProvider.getConfig() retrieves these
// properties as string "a,b" instead of the type Optional>, so we need to manually add it.
overwriteNonStringProperties(certificateConfig, certificateProperties);
+ // set the name if it does not exist
+ certificateProperties.putIfAbsent("name", name);
return certificateProperties;
}
diff --git a/docs/modules/ROOT/pages/includes/attributes.adoc b/docs/modules/ROOT/pages/includes/attributes.adoc
index 63086ff..616c53c 100644
--- a/docs/modules/ROOT/pages/includes/attributes.adoc
+++ b/docs/modules/ROOT/pages/includes/attributes.adoc
@@ -1,4 +1,4 @@
-:quarkus-version: 2.16.0.Final
+:quarkus-version: 3.0.0.Final
:quarkus-certmanager-version: 0.0.2
:maven-version: 3.8.1+
diff --git a/docs/modules/ROOT/pages/includes/quarkus-certificate.adoc b/docs/modules/ROOT/pages/includes/quarkus-certificate.adoc
index b1aa468..88bab7a 100644
--- a/docs/modules/ROOT/pages/includes/quarkus-certificate.adoc
+++ b/docs/modules/ROOT/pages/includes/quarkus-certificate.adoc
@@ -238,6 +238,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+The name of the resource being referred to.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_ISSUER_REF_NAME+++[]
endif::add-copy-button-to-env-var[]
@@ -252,6 +254,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+The kind of the resource being referred to.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_ISSUER_REF_KIND+++[]
endif::add-copy-button-to-env-var[]
@@ -266,6 +270,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+The group of the resource being referred to.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_ISSUER_REF_GROUP+++[]
endif::add-copy-button-to-env-var[]
@@ -285,6 +291,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+The name of the secret used to sign Certificates issued by this Issuer.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_CA_SECRET_NAME+++[]
endif::add-copy-button-to-env-var[]
@@ -299,6 +307,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_CA_CRL_DISTRIBUTION_POINTS+++[]
endif::add-copy-button-to-env-var[]
@@ -318,6 +328,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+The connection address for the Vault server, e.g: “https://vault.example.com:8200”.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_VAULT_SERVER+++[]
endif::add-copy-button-to-env-var[]
@@ -332,6 +344,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+The mount path of the Vault PKI backend’s sign endpoint, e.g: “my_pki_mount/sign/my-role-name”.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_VAULT_PATH+++[]
endif::add-copy-button-to-env-var[]
@@ -360,6 +374,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+The PEM-encoded CA bundle (base64-encoded) used to validate Vault server certificate.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_VAULT_CA_BUNDLE+++[]
endif::add-copy-button-to-env-var[]
@@ -370,7 +386,7 @@ endif::add-copy-button-to-env-var[]
|required icon:exclamation-circle[title=Configuration property is required]
-h|[[quarkus-certificate_quarkus.certificate.vault.auth-token-secret-ref]]link:#quarkus-certificate_quarkus.certificate.vault.auth-token-secret-ref[]
+h|[[quarkus-certificate_quarkus.certificate.vault.auth-token-secret-ref-the-reference-where-to-retrieve-the-vault-token]]link:#quarkus-certificate_quarkus.certificate.vault.auth-token-secret-ref-the-reference-where-to-retrieve-the-vault-token[The reference where to retrieve the Vault token]
This configuration section is optional
h|Type
h|Default
@@ -379,6 +395,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+The name of the resource being referred to.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_VAULT_AUTH_TOKEN_SECRET_REF_NAME+++[]
endif::add-copy-button-to-env-var[]
@@ -393,6 +411,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+The key of the entry in the Secret resource’s data field to be used.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_VAULT_AUTH_TOKEN_SECRET_REF_KEY+++[]
endif::add-copy-button-to-env-var[]
@@ -403,10 +423,17 @@ endif::add-copy-button-to-env-var[]
|required icon:exclamation-circle[title=Configuration property is required]
+h|[[quarkus-certificate_quarkus.certificate.vault.auth-app-role-the-vault-authentication-using-app-role-auth-mechanism]]link:#quarkus-certificate_quarkus.certificate.vault.auth-app-role-the-vault-authentication-using-app-role-auth-mechanism[The Vault authentication using App Role auth mechanism]
+This configuration section is optional
+h|Type
+h|Default
+
a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate.vault.auth-app-role.path]]`link:#quarkus-certificate_quarkus.certificate.vault.auth-app-role.path[quarkus.certificate.vault.auth-app-role.path]`
[.description]
--
+The App Role authentication backend is mounted in Vault, e.g: “approle”
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_VAULT_AUTH_APP_ROLE_PATH+++[]
endif::add-copy-button-to-env-var[]
@@ -421,6 +448,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+The App Role authentication backend when setting up the authentication backend in Vault.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_VAULT_AUTH_APP_ROLE_ROLE_ID+++[]
endif::add-copy-button-to-env-var[]
@@ -431,130 +460,91 @@ endif::add-copy-button-to-env-var[]
|required icon:exclamation-circle[title=Configuration property is required]
-a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate.vault.auth-kubernetes.mount-path]]`link:#quarkus-certificate_quarkus.certificate.vault.auth-kubernetes.mount-path[quarkus.certificate.vault.auth-kubernetes.mount-path]`
-
-[.description]
---
-ifdef::add-copy-button-to-env-var[]
-Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_VAULT_AUTH_KUBERNETES_MOUNT_PATH+++[]
-endif::add-copy-button-to-env-var[]
-ifndef::add-copy-button-to-env-var[]
-Environment variable: `+++QUARKUS_CERTIFICATE_VAULT_AUTH_KUBERNETES_MOUNT_PATH+++`
-endif::add-copy-button-to-env-var[]
---|string
-|required icon:exclamation-circle[title=Configuration property is required]
-
+h|[[quarkus-certificate_quarkus.certificate.vault.auth-app-role.secret-ref-the-reference-to-a-key-in-a-secret-that-contains-the-app-role-secret-used-to-authenticate-with-vault]]link:#quarkus-certificate_quarkus.certificate.vault.auth-app-role.secret-ref-the-reference-to-a-key-in-a-secret-that-contains-the-app-role-secret-used-to-authenticate-with-vault[The reference to a key in a Secret that contains the App Role secret used to authenticate with Vault]
+This configuration section is optional
+h|Type
+h|Default
-a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate.vault.auth-kubernetes.role]]`link:#quarkus-certificate_quarkus.certificate.vault.auth-kubernetes.role[quarkus.certificate.vault.auth-kubernetes.role]`
+a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate.vault.auth-app-role.secret-ref.name]]`link:#quarkus-certificate_quarkus.certificate.vault.auth-app-role.secret-ref.name[quarkus.certificate.vault.auth-app-role.secret-ref.name]`
[.description]
--
+The name of the resource being referred to.
+
ifdef::add-copy-button-to-env-var[]
-Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_VAULT_AUTH_KUBERNETES_ROLE+++[]
+Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_VAULT_AUTH_APP_ROLE_SECRET_REF_NAME+++[]
endif::add-copy-button-to-env-var[]
ifndef::add-copy-button-to-env-var[]
-Environment variable: `+++QUARKUS_CERTIFICATE_VAULT_AUTH_KUBERNETES_ROLE+++`
+Environment variable: `+++QUARKUS_CERTIFICATE_VAULT_AUTH_APP_ROLE_SECRET_REF_NAME+++`
endif::add-copy-button-to-env-var[]
--|string
|required icon:exclamation-circle[title=Configuration property is required]
-a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate.private-key.rotation-policy]]`link:#quarkus-certificate_quarkus.certificate.private-key.rotation-policy[quarkus.certificate.private-key.rotation-policy]`
-
-[.description]
---
-ifdef::add-copy-button-to-env-var[]
-Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_PRIVATE_KEY_ROTATION_POLICY+++[]
-endif::add-copy-button-to-env-var[]
-ifndef::add-copy-button-to-env-var[]
-Environment variable: `+++QUARKUS_CERTIFICATE_PRIVATE_KEY_ROTATION_POLICY+++`
-endif::add-copy-button-to-env-var[]
--- a|
-`unset`, `never`, `always`
-|`unset`
-
-
-a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate.private-key.encoding]]`link:#quarkus-certificate_quarkus.certificate.private-key.encoding[quarkus.certificate.private-key.encoding]`
+a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate.vault.auth-app-role.secret-ref.key]]`link:#quarkus-certificate_quarkus.certificate.vault.auth-app-role.secret-ref.key[quarkus.certificate.vault.auth-app-role.secret-ref.key]`
[.description]
--
-ifdef::add-copy-button-to-env-var[]
-Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_PRIVATE_KEY_ENCODING+++[]
-endif::add-copy-button-to-env-var[]
-ifndef::add-copy-button-to-env-var[]
-Environment variable: `+++QUARKUS_CERTIFICATE_PRIVATE_KEY_ENCODING+++`
-endif::add-copy-button-to-env-var[]
--- a|
-`unset`, `pkcs1`, `pkcs8`
-|`unset`
-
+The key of the entry in the Secret resource’s data field to be used.
-a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate.private-key.algorithm]]`link:#quarkus-certificate_quarkus.certificate.private-key.algorithm[quarkus.certificate.private-key.algorithm]`
-
-[.description]
---
ifdef::add-copy-button-to-env-var[]
-Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_PRIVATE_KEY_ALGORITHM+++[]
-endif::add-copy-button-to-env-var[]
-ifndef::add-copy-button-to-env-var[]
-Environment variable: `+++QUARKUS_CERTIFICATE_PRIVATE_KEY_ALGORITHM+++`
-endif::add-copy-button-to-env-var[]
--- a|
-`unset`, `rsa`, `ed25519`, `ecdsa`
-|`unset`
-
-
-a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate.private-key.size]]`link:#quarkus-certificate_quarkus.certificate.private-key.size[quarkus.certificate.private-key.size]`
-
-[.description]
---
-ifdef::add-copy-button-to-env-var[]
-Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_PRIVATE_KEY_SIZE+++[]
+Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_VAULT_AUTH_APP_ROLE_SECRET_REF_KEY+++[]
endif::add-copy-button-to-env-var[]
ifndef::add-copy-button-to-env-var[]
-Environment variable: `+++QUARKUS_CERTIFICATE_PRIVATE_KEY_SIZE+++`
+Environment variable: `+++QUARKUS_CERTIFICATE_VAULT_AUTH_APP_ROLE_SECRET_REF_KEY+++`
endif::add-copy-button-to-env-var[]
---|int
-|`-1`
+--|string
+|required icon:exclamation-circle[title=Configuration property is required]
-h|[[quarkus-certificate_quarkus.certificate.vault.auth-app-role.secret-ref]]link:#quarkus-certificate_quarkus.certificate.vault.auth-app-role.secret-ref[]
+h|[[quarkus-certificate_quarkus.certificate.vault.auth-kubernetes-the-vault-authentication-using-kubernetes-service-account]]link:#quarkus-certificate_quarkus.certificate.vault.auth-kubernetes-the-vault-authentication-using-kubernetes-service-account[The Vault authentication using Kubernetes service account]
This configuration section is optional
h|Type
h|Default
-a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate.vault.auth-app-role.secret-ref.name]]`link:#quarkus-certificate_quarkus.certificate.vault.auth-app-role.secret-ref.name[quarkus.certificate.vault.auth-app-role.secret-ref.name]`
+a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate.vault.auth-kubernetes.mount-path]]`link:#quarkus-certificate_quarkus.certificate.vault.auth-kubernetes.mount-path[quarkus.certificate.vault.auth-kubernetes.mount-path]`
[.description]
--
+The mount path to use when authenticating with Vault.
+
ifdef::add-copy-button-to-env-var[]
-Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_VAULT_AUTH_APP_ROLE_SECRET_REF_NAME+++[]
+Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_VAULT_AUTH_KUBERNETES_MOUNT_PATH+++[]
endif::add-copy-button-to-env-var[]
ifndef::add-copy-button-to-env-var[]
-Environment variable: `+++QUARKUS_CERTIFICATE_VAULT_AUTH_APP_ROLE_SECRET_REF_NAME+++`
+Environment variable: `+++QUARKUS_CERTIFICATE_VAULT_AUTH_KUBERNETES_MOUNT_PATH+++`
endif::add-copy-button-to-env-var[]
--|string
|required icon:exclamation-circle[title=Configuration property is required]
-a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate.vault.auth-app-role.secret-ref.key]]`link:#quarkus-certificate_quarkus.certificate.vault.auth-app-role.secret-ref.key[quarkus.certificate.vault.auth-app-role.secret-ref.key]`
+a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate.vault.auth-kubernetes.role]]`link:#quarkus-certificate_quarkus.certificate.vault.auth-kubernetes.role[quarkus.certificate.vault.auth-kubernetes.role]`
[.description]
--
+The required Secret field containing a Kubernetes ServiceAccount JWT used for authenticating with Vault.
+
ifdef::add-copy-button-to-env-var[]
-Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_VAULT_AUTH_APP_ROLE_SECRET_REF_KEY+++[]
+Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_VAULT_AUTH_KUBERNETES_ROLE+++[]
endif::add-copy-button-to-env-var[]
ifndef::add-copy-button-to-env-var[]
-Environment variable: `+++QUARKUS_CERTIFICATE_VAULT_AUTH_APP_ROLE_SECRET_REF_KEY+++`
+Environment variable: `+++QUARKUS_CERTIFICATE_VAULT_AUTH_KUBERNETES_ROLE+++`
endif::add-copy-button-to-env-var[]
--|string
|required icon:exclamation-circle[title=Configuration property is required]
+h|[[quarkus-certificate_quarkus.certificate.vault.auth-kubernetes.secret-ref-the-reference-to-a-key-in-a-secret-that-contains-the-app-role-secret-used-to-authenticate-with-vault]]link:#quarkus-certificate_quarkus.certificate.vault.auth-kubernetes.secret-ref-the-reference-to-a-key-in-a-secret-that-contains-the-app-role-secret-used-to-authenticate-with-vault[The reference to a key in a Secret that contains the App Role secret used to authenticate with Vault]
+This configuration section is optional
+h|Type
+h|Default
+
a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate.vault.auth-kubernetes.secret-ref.name]]`link:#quarkus-certificate_quarkus.certificate.vault.auth-kubernetes.secret-ref.name[quarkus.certificate.vault.auth-kubernetes.secret-ref.name]`
[.description]
--
+The name of the resource being referred to.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_VAULT_AUTH_KUBERNETES_SECRET_REF_NAME+++[]
endif::add-copy-button-to-env-var[]
@@ -569,6 +559,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+The key of the entry in the Secret resource’s data field to be used.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_VAULT_AUTH_KUBERNETES_SECRET_REF_KEY+++[]
endif::add-copy-button-to-env-var[]
@@ -588,6 +580,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+If the self-signed issuer should be generated.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_SELF_SIGNED_ENABLED+++[]
endif::add-copy-button-to-env-var[]
@@ -602,6 +596,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_SELF_SIGNED_CRL_DISTRIBUTION_POINTS+++[]
endif::add-copy-button-to-env-var[]
@@ -621,6 +617,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+The organizations to be used on the Certificate.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_SUBJECT_ORGANIZATIONS+++[]
endif::add-copy-button-to-env-var[]
@@ -635,6 +633,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+The countries to be used on the Certificate.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_SUBJECT_COUNTRIES+++[]
endif::add-copy-button-to-env-var[]
@@ -649,6 +649,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+The organizational Units to be used on the Certificate.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_SUBJECT_ORGANIZATIONAL_UNITS+++[]
endif::add-copy-button-to-env-var[]
@@ -663,6 +665,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+The cities to be used on the Certificate.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_SUBJECT_LOCALITIES+++[]
endif::add-copy-button-to-env-var[]
@@ -677,6 +681,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+The State/Provinces to be used on the Certificate.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_SUBJECT_PROVINCES+++[]
endif::add-copy-button-to-env-var[]
@@ -691,6 +697,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+The street addresses to be used on the Certificate.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_SUBJECT_STREET_ADDRESSES+++[]
endif::add-copy-button-to-env-var[]
@@ -705,6 +713,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+The postal codes to be used on the Certificate.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_SUBJECT_POSTAL_CODES+++[]
endif::add-copy-button-to-env-var[]
@@ -719,6 +729,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+The serial number to be used on the Certificate.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_SUBJECT_SERIAL_NUMBER+++[]
endif::add-copy-button-to-env-var[]
@@ -734,7 +746,7 @@ This configuration section is optional
h|Type
h|Default
-h|[[quarkus-certificate_quarkus.certificate.keystores.jks]]link:#quarkus-certificate_quarkus.certificate.keystores.jks[]
+h|[[quarkus-certificate_quarkus.certificate.keystores.jks-jks-configures-options-for-storing-a-jks-keystore-in-the-spec]]link:#quarkus-certificate_quarkus.certificate.keystores.jks-jks-configures-options-for-storing-a-jks-keystore-in-the-spec[JKS configures options for storing a JKS keystore in the spec]
This configuration section is optional
h|Type
h|Default
@@ -743,6 +755,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+Create enables keystore creation for the Certificate.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_KEYSTORES_JKS_CREATE+++[]
endif::add-copy-button-to-env-var[]
@@ -757,6 +771,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+The name of the resource being referred to.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_KEYSTORES_JKS_PASSWORD_SECRET_REF_NAME+++[]
endif::add-copy-button-to-env-var[]
@@ -771,6 +787,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+The key of the entry in the Secret resource’s data field to be used.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_KEYSTORES_JKS_PASSWORD_SECRET_REF_KEY+++[]
endif::add-copy-button-to-env-var[]
@@ -781,10 +799,17 @@ endif::add-copy-button-to-env-var[]
|required icon:exclamation-circle[title=Configuration property is required]
+h|[[quarkus-certificate_quarkus.certificate.keystores.pkcs12-pkcs12-configures-options-for-storing-a-pkcs12-keystore-in-the-spec]]link:#quarkus-certificate_quarkus.certificate.keystores.pkcs12-pkcs12-configures-options-for-storing-a-pkcs12-keystore-in-the-spec[PKCS12 configures options for storing a PKCS12 keystore in the spec]
+This configuration section is optional
+h|Type
+h|Default
+
a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate.keystores.pkcs12.create]]`link:#quarkus-certificate_quarkus.certificate.keystores.pkcs12.create[quarkus.certificate.keystores.pkcs12.create]`
[.description]
--
+Create enables keystore creation for the Certificate.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_KEYSTORES_PKCS12_CREATE+++[]
endif::add-copy-button-to-env-var[]
@@ -799,6 +824,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+The name of the resource being referred to.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_KEYSTORES_PKCS12_PASSWORD_SECRET_REF_NAME+++[]
endif::add-copy-button-to-env-var[]
@@ -813,6 +840,8 @@ a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate
[.description]
--
+The key of the entry in the Secret resource’s data field to be used.
+
ifdef::add-copy-button-to-env-var[]
Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_KEYSTORES_PKCS12_PASSWORD_SECRET_REF_KEY+++[]
endif::add-copy-button-to-env-var[]
@@ -822,4 +851,70 @@ endif::add-copy-button-to-env-var[]
--|string
|required icon:exclamation-circle[title=Configuration property is required]
+
+h|[[quarkus-certificate_quarkus.certificate.private-key]]link:#quarkus-certificate_quarkus.certificate.private-key[]
+This configuration section is optional
+h|Type
+h|Default
+
+a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate.private-key.rotation-policy]]`link:#quarkus-certificate_quarkus.certificate.private-key.rotation-policy[quarkus.certificate.private-key.rotation-policy]`
+
+[.description]
+--
+RotationPolicy controls how private keys should be regenerated when a re-issuance is being processed.
+
+ifdef::add-copy-button-to-env-var[]
+Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_PRIVATE_KEY_ROTATION_POLICY+++[]
+endif::add-copy-button-to-env-var[]
+ifndef::add-copy-button-to-env-var[]
+Environment variable: `+++QUARKUS_CERTIFICATE_PRIVATE_KEY_ROTATION_POLICY+++`
+endif::add-copy-button-to-env-var[]
+-- a|
+`unset`, `never`, `always`
+|`unset`
+
+
+a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate.private-key.encoding]]`link:#quarkus-certificate_quarkus.certificate.private-key.encoding[quarkus.certificate.private-key.encoding]`
+
+[.description]
+--
+ifdef::add-copy-button-to-env-var[]
+Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_PRIVATE_KEY_ENCODING+++[]
+endif::add-copy-button-to-env-var[]
+ifndef::add-copy-button-to-env-var[]
+Environment variable: `+++QUARKUS_CERTIFICATE_PRIVATE_KEY_ENCODING+++`
+endif::add-copy-button-to-env-var[]
+-- a|
+`unset`, `pkcs1`, `pkcs8`
+|`unset`
+
+
+a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate.private-key.algorithm]]`link:#quarkus-certificate_quarkus.certificate.private-key.algorithm[quarkus.certificate.private-key.algorithm]`
+
+[.description]
+--
+ifdef::add-copy-button-to-env-var[]
+Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_PRIVATE_KEY_ALGORITHM+++[]
+endif::add-copy-button-to-env-var[]
+ifndef::add-copy-button-to-env-var[]
+Environment variable: `+++QUARKUS_CERTIFICATE_PRIVATE_KEY_ALGORITHM+++`
+endif::add-copy-button-to-env-var[]
+-- a|
+`unset`, `rsa`, `ed25519`, `ecdsa`
+|`unset`
+
+
+a|icon:lock[title=Fixed at build time] [[quarkus-certificate_quarkus.certificate.private-key.size]]`link:#quarkus-certificate_quarkus.certificate.private-key.size[quarkus.certificate.private-key.size]`
+
+[.description]
+--
+ifdef::add-copy-button-to-env-var[]
+Environment variable: env_var_with_copy_button:+++QUARKUS_CERTIFICATE_PRIVATE_KEY_SIZE+++[]
+endif::add-copy-button-to-env-var[]
+ifndef::add-copy-button-to-env-var[]
+Environment variable: `+++QUARKUS_CERTIFICATE_PRIVATE_KEY_SIZE+++`
+endif::add-copy-button-to-env-var[]
+--|int
+|`-1`
+
|===
\ No newline at end of file
diff --git a/docs/modules/ROOT/pages/index.adoc b/docs/modules/ROOT/pages/index.adoc
index da71727..ea78270 100644
--- a/docs/modules/ROOT/pages/index.adoc
+++ b/docs/modules/ROOT/pages/index.adoc
@@ -14,6 +14,7 @@ Before getting started, make sure you're using the right Quarkus Helm version th
[%header,format=csv]
|===
Quarkus Cert-Manager Version,Quarkus Version
+0.1.0,Quarkus 3+
0.0.2,Quarkus 2.12+
0.0.1,Quarkus 2.12+
|===
@@ -210,7 +211,7 @@ spec:
service:
name: kubernetes-example
port:
- number: 8080
+ name: http
tls:
- hosts:
- foo.bar.com
diff --git a/integration-tests/kubernetes-certmanager-ssl/pom.xml b/integration-tests/kubernetes-certmanager-ssl/pom.xml
index 43f7f38..95badb5 100644
--- a/integration-tests/kubernetes-certmanager-ssl/pom.xml
+++ b/integration-tests/kubernetes-certmanager-ssl/pom.xml
@@ -52,6 +52,11 @@
certmanager-model-v1
test
+
+ io.fabric8
+ kubernetes-httpclient-vertx
+ test
+
diff --git a/integration-tests/kubernetes-certmanager-ssl/src/main/java/io/quarkiverse/certmanager/tests/Endpoint.java b/integration-tests/kubernetes-certmanager-ssl/src/main/java/io/quarkiverse/certmanager/tests/Endpoint.java
index eca7f9d..5620e08 100644
--- a/integration-tests/kubernetes-certmanager-ssl/src/main/java/io/quarkiverse/certmanager/tests/Endpoint.java
+++ b/integration-tests/kubernetes-certmanager-ssl/src/main/java/io/quarkiverse/certmanager/tests/Endpoint.java
@@ -1,7 +1,7 @@
package io.quarkiverse.certmanager.tests;
-import javax.ws.rs.GET;
-import javax.ws.rs.Path;
+import jakarta.ws.rs.GET;
+import jakarta.ws.rs.Path;
@Path("")
public class Endpoint {
diff --git a/integration-tests/openshift-certmanager-ssl/pom.xml b/integration-tests/openshift-certmanager-ssl/pom.xml
index 95b7b37..f1ba07f 100644
--- a/integration-tests/openshift-certmanager-ssl/pom.xml
+++ b/integration-tests/openshift-certmanager-ssl/pom.xml
@@ -52,6 +52,11 @@
openshift-model
test
+
+ io.fabric8
+ kubernetes-httpclient-vertx
+ test
+
diff --git a/integration-tests/openshift-certmanager-ssl/src/main/java/io/quarkiverse/certmanager/tests/Endpoint.java b/integration-tests/openshift-certmanager-ssl/src/main/java/io/quarkiverse/certmanager/tests/Endpoint.java
index eca7f9d..5620e08 100644
--- a/integration-tests/openshift-certmanager-ssl/src/main/java/io/quarkiverse/certmanager/tests/Endpoint.java
+++ b/integration-tests/openshift-certmanager-ssl/src/main/java/io/quarkiverse/certmanager/tests/Endpoint.java
@@ -1,7 +1,7 @@
package io.quarkiverse.certmanager.tests;
-import javax.ws.rs.GET;
-import javax.ws.rs.Path;
+import jakarta.ws.rs.GET;
+import jakarta.ws.rs.Path;
@Path("")
public class Endpoint {
diff --git a/integration-tests/openshift-certmanager-ssl/src/main/resources/application.properties b/integration-tests/openshift-certmanager-ssl/src/main/resources/application.properties
index 8a1bf12..5d89f3f 100644
--- a/integration-tests/openshift-certmanager-ssl/src/main/resources/application.properties
+++ b/integration-tests/openshift-certmanager-ssl/src/main/resources/application.properties
@@ -16,4 +16,5 @@ quarkus.certificate.encode-usages-in-request=true
# Enable route exposing
quarkus.openshift.name=quarkus-hello-world
+quarkus.openshift.namespace=my-namespace
quarkus.openshift.route.expose=true
\ No newline at end of file
diff --git a/integration-tests/openshift-certmanager-ssl/src/test/java/io/quarkiverse/certmanager/tests/OpenShiftIT.java b/integration-tests/openshift-certmanager-ssl/src/test/java/io/quarkiverse/certmanager/tests/OpenShiftIT.java
index a057f30..c3f7180 100644
--- a/integration-tests/openshift-certmanager-ssl/src/test/java/io/quarkiverse/certmanager/tests/OpenShiftIT.java
+++ b/integration-tests/openshift-certmanager-ssl/src/test/java/io/quarkiverse/certmanager/tests/OpenShiftIT.java
@@ -30,6 +30,8 @@ public void shouldCertificateAndIssuerBeGenerated() throws IOException {
.unmarshalAsList(new FileInputStream(Paths.get("target", "kubernetes", "openshift.yml").toFile()));
// Certificate expected data:
Certificate certificate = find(resources, Certificate.class);
+ assertEquals(NAME, certificate.getMetadata().getName());
+ assertEquals("my-namespace", certificate.getMetadata().getNamespace());
assertEquals("tls-secret", certificate.getSpec().getSecretName());
assertEquals(Arrays.asList("kubernetes-example.com", "localhost"), certificate.getSpec().getDnsNames());
assertTrue(certificate.getSpec().getEncodeUsagesInRequest());
diff --git a/pom.xml b/pom.xml
index c308685..c7c7bf1 100644
--- a/pom.xml
+++ b/pom.xml
@@ -24,7 +24,7 @@
11
UTF-8
UTF-8
- 2.16.6.Final
+ 3.0.0.Final
diff --git a/runtime/pom.xml b/runtime/pom.xml
index ad78f94..a1e217b 100644
--- a/runtime/pom.xml
+++ b/runtime/pom.xml
@@ -22,7 +22,7 @@
io.quarkus
- quarkus-bootstrap-maven-plugin
+ quarkus-extension-maven-plugin
${quarkus.version}