v0.3.0-alpha

What's Changed

• [FEATURE] Added compatibility for multiple hosts (see here)
• [NEW] Added k8s files to deploy the freeipa issuer (crds, deployments, rbac and prometheus service monitor)
• [UPDATE] Added install instructions in the main README.md

Known Bugs

• Fail to establish connection using insecure = false when creating the Issuer in kubernetes
• ClusterIssuer is broken right now - DO NOT USE
• AddService return an error, even if the service is correctly created in Freeipa, Use ignoreError = true for now to dodge the issue

Future Releases

• (On hold) Adding certificate Duration customization - Right now all generated certificates have a "2 year warranty"
• Adding possibility to return Or not the CA - In some cases peoples don't want CA to be returned with the certificate. Adding this feature might interest some people
• Better doc

Full Changelog: v0.2.2-alpha...v0.3.0-alpha

v0.2.2-alpha: Fix dns ignore error field (#4)

[FIX] Fixed error in the ServiceAddPrincipal condition, where it would ignore if freeipa failed to create the principal aliases.

v0.2.1-alpha

[FIX] handling empty strings in Freeipa CSR response, causing ca-headers be inserted between those spaces

v0.2.0-alpha

Release 0.2.0-alpha

• [FEATURE] Added compatibility for dnsNames field in cert-manager Kind: certificate
• [DOC] Added comments in code for easier readability

Known Bugs

• Fail to establish connection using insecure = false when creating the Issuer in kubernetes
• ClusterIssuer is broken right now - DO NOT USE
• AddService return an error, even if the service is correctly created in Freeipa, Use ignoreError = true for now to dodge the issue
• Using ignoreError: true field in the Kind: Issuer ignore errors in DNSnames principal alias creation for the service. It is useless, because the certificate won't be created as freeipa can't find the SAN present in the certificate request and therefore automatically fail with a 4002 Error: Service Principal Alias XXXX could not be found for service YYYY

Future Releases

• Adding mulit-freeipa host compatibility (higher resilience to host crash?reboot...)
• Adding certificate Duration customization - Right now all generated certificates have a "2 year warranty"
• Adding possibility to return Or not the CA - In some cases peoples don't want CA to be returned with the certificate. Adding this feature might interest some people
• Better doc

v0.1.0-alpha

Initial Release

• generate tls.key (certificate private key), tls.crt (signed certificate) and ca.crt (certificate authority which was used to sign the certificate) certificates using freeipa-issuer Issuer type
• add services in freeipa
• add principal in freeipa

Known Bugs

• Fail to establish connection using insecure = false when creating the Issuer in kubernetes
• ClusterIssuer is broken right now - DO NOT USE
• AddService return an error, even if the service is correctly created in Freeipa, Use ignoreError = true for now to dodge the issue

Future Releases

• Adding mulit-freeipa host compatibility (higher resilience to host crash?reboot...)
• Adding certificate Duration customization - Right now all generated certificates have a "2 year warranty"
• Adding possibility to return Or not the CA - In some cases peoples don't want CA to be returned with the certificate. Adding this feature might interest some people
• Better doc