├── .dockerignore ├── .github └── workflows │ ├── chart-publish.yaml │ ├── charts.yaml │ ├── docker.yaml │ ├── semgrep.yml │ └── tests.yaml ├── .gitignore ├── CONTRIBUTORS ├── LICENSE ├── Makefile ├── README.org ├── cmd └── controller │ ├── Dockerfile │ ├── doc.go │ ├── main.go │ └── options │ └── options.go ├── deploy ├── charts │ └── origin-ca-issuer │ │ ├── Chart.yaml │ │ ├── README.md │ │ ├── templates │ │ ├── _helpers.tpl │ │ ├── issuer-clusterrole.yaml │ │ ├── issuer-deployment.yaml │ │ ├── issuer-rolebinding.yaml │ │ └── issuer-serviceaccount.yaml │ │ └── values.yaml ├── crds │ ├── cert-manager.k8s.cloudflare.com_clusteroriginissuers.yaml │ └── cert-manager.k8s.cloudflare.com_originissuers.yaml ├── example │ ├── api-token.issuer.yaml │ ├── certificate.yaml │ ├── cfapi-token.secret.yaml │ ├── ingress.yaml │ ├── secvice-key.secret.yaml │ └── service-key.issuer.yaml ├── manifests │ ├── 0-namespace.yaml │ ├── deployment.yaml │ └── serviceaccount.yaml └── rbac │ ├── role-approver.yaml │ ├── role-binding.yaml │ └── role.yaml ├── go.mod ├── go.sum ├── hack └── crds │ └── cert-manager.crds.yaml ├── internal ├── cfapi │ ├── builder.go │ ├── cfapi.go │ └── cfapi_test.go └── version │ └── version.go └── pkgs ├── apis └── v1 │ ├── doc.go │ ├── issuers.go │ ├── types_originissuer.go │ └── zz_generated.deepcopy.go └── controllers ├── certificates ├── origin_ca_ecc_root.pem └── origin_ca_rsa_root.pem ├── doc.go ├── signer.go ├── signer_e2e_test.go ├── signer_test.go └── testdata ├── certificate.golden ├── csr.golden ├── database-failure.yaml └── working.yaml /.dockerignore: -------------------------------------------------------------------------------- 1 | bin/ 2 | -------------------------------------------------------------------------------- /.github/workflows/chart-publish.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/.github/workflows/chart-publish.yaml -------------------------------------------------------------------------------- /.github/workflows/charts.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/.github/workflows/charts.yaml -------------------------------------------------------------------------------- /.github/workflows/docker.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/.github/workflows/docker.yaml -------------------------------------------------------------------------------- /.github/workflows/semgrep.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/.github/workflows/semgrep.yml -------------------------------------------------------------------------------- /.github/workflows/tests.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/.github/workflows/tests.yaml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/.gitignore -------------------------------------------------------------------------------- /CONTRIBUTORS: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/CONTRIBUTORS -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/LICENSE -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/Makefile -------------------------------------------------------------------------------- /README.org: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/README.org -------------------------------------------------------------------------------- /cmd/controller/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/cmd/controller/Dockerfile -------------------------------------------------------------------------------- /cmd/controller/doc.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/cmd/controller/doc.go -------------------------------------------------------------------------------- /cmd/controller/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/cmd/controller/main.go -------------------------------------------------------------------------------- /cmd/controller/options/options.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/cmd/controller/options/options.go -------------------------------------------------------------------------------- /deploy/charts/origin-ca-issuer/Chart.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/deploy/charts/origin-ca-issuer/Chart.yaml -------------------------------------------------------------------------------- /deploy/charts/origin-ca-issuer/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/deploy/charts/origin-ca-issuer/README.md -------------------------------------------------------------------------------- /deploy/charts/origin-ca-issuer/templates/_helpers.tpl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/deploy/charts/origin-ca-issuer/templates/_helpers.tpl -------------------------------------------------------------------------------- /deploy/charts/origin-ca-issuer/templates/issuer-clusterrole.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/deploy/charts/origin-ca-issuer/templates/issuer-clusterrole.yaml -------------------------------------------------------------------------------- /deploy/charts/origin-ca-issuer/templates/issuer-deployment.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/deploy/charts/origin-ca-issuer/templates/issuer-deployment.yaml -------------------------------------------------------------------------------- /deploy/charts/origin-ca-issuer/templates/issuer-rolebinding.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/deploy/charts/origin-ca-issuer/templates/issuer-rolebinding.yaml -------------------------------------------------------------------------------- /deploy/charts/origin-ca-issuer/templates/issuer-serviceaccount.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/deploy/charts/origin-ca-issuer/templates/issuer-serviceaccount.yaml -------------------------------------------------------------------------------- /deploy/charts/origin-ca-issuer/values.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/deploy/charts/origin-ca-issuer/values.yaml -------------------------------------------------------------------------------- /deploy/crds/cert-manager.k8s.cloudflare.com_clusteroriginissuers.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/deploy/crds/cert-manager.k8s.cloudflare.com_clusteroriginissuers.yaml -------------------------------------------------------------------------------- /deploy/crds/cert-manager.k8s.cloudflare.com_originissuers.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/deploy/crds/cert-manager.k8s.cloudflare.com_originissuers.yaml -------------------------------------------------------------------------------- /deploy/example/api-token.issuer.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/deploy/example/api-token.issuer.yaml -------------------------------------------------------------------------------- /deploy/example/certificate.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/deploy/example/certificate.yaml -------------------------------------------------------------------------------- /deploy/example/cfapi-token.secret.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/deploy/example/cfapi-token.secret.yaml -------------------------------------------------------------------------------- /deploy/example/ingress.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/deploy/example/ingress.yaml -------------------------------------------------------------------------------- /deploy/example/secvice-key.secret.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/deploy/example/secvice-key.secret.yaml -------------------------------------------------------------------------------- /deploy/example/service-key.issuer.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/deploy/example/service-key.issuer.yaml -------------------------------------------------------------------------------- /deploy/manifests/0-namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: origin-ca-issuer 5 | -------------------------------------------------------------------------------- /deploy/manifests/deployment.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/deploy/manifests/deployment.yaml -------------------------------------------------------------------------------- /deploy/manifests/serviceaccount.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/deploy/manifests/serviceaccount.yaml -------------------------------------------------------------------------------- /deploy/rbac/role-approver.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/deploy/rbac/role-approver.yaml -------------------------------------------------------------------------------- /deploy/rbac/role-binding.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/deploy/rbac/role-binding.yaml -------------------------------------------------------------------------------- /deploy/rbac/role.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/deploy/rbac/role.yaml -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/go.mod -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/go.sum -------------------------------------------------------------------------------- /hack/crds/cert-manager.crds.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/hack/crds/cert-manager.crds.yaml -------------------------------------------------------------------------------- /internal/cfapi/builder.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/internal/cfapi/builder.go -------------------------------------------------------------------------------- /internal/cfapi/cfapi.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/internal/cfapi/cfapi.go -------------------------------------------------------------------------------- /internal/cfapi/cfapi_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/internal/cfapi/cfapi_test.go -------------------------------------------------------------------------------- /internal/version/version.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/internal/version/version.go -------------------------------------------------------------------------------- /pkgs/apis/v1/doc.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/pkgs/apis/v1/doc.go -------------------------------------------------------------------------------- /pkgs/apis/v1/issuers.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/pkgs/apis/v1/issuers.go -------------------------------------------------------------------------------- /pkgs/apis/v1/types_originissuer.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/pkgs/apis/v1/types_originissuer.go -------------------------------------------------------------------------------- /pkgs/apis/v1/zz_generated.deepcopy.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/pkgs/apis/v1/zz_generated.deepcopy.go -------------------------------------------------------------------------------- /pkgs/controllers/certificates/origin_ca_ecc_root.pem: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/pkgs/controllers/certificates/origin_ca_ecc_root.pem -------------------------------------------------------------------------------- /pkgs/controllers/certificates/origin_ca_rsa_root.pem: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/pkgs/controllers/certificates/origin_ca_rsa_root.pem -------------------------------------------------------------------------------- /pkgs/controllers/doc.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/pkgs/controllers/doc.go -------------------------------------------------------------------------------- /pkgs/controllers/signer.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/pkgs/controllers/signer.go -------------------------------------------------------------------------------- /pkgs/controllers/signer_e2e_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/pkgs/controllers/signer_e2e_test.go -------------------------------------------------------------------------------- /pkgs/controllers/signer_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/pkgs/controllers/signer_test.go -------------------------------------------------------------------------------- /pkgs/controllers/testdata/certificate.golden: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/pkgs/controllers/testdata/certificate.golden -------------------------------------------------------------------------------- /pkgs/controllers/testdata/csr.golden: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/pkgs/controllers/testdata/csr.golden -------------------------------------------------------------------------------- /pkgs/controllers/testdata/database-failure.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/pkgs/controllers/testdata/database-failure.yaml -------------------------------------------------------------------------------- /pkgs/controllers/testdata/working.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cloudflare/origin-ca-issuer/HEAD/pkgs/controllers/testdata/working.yaml --------------------------------------------------------------------------------