Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Format the issuers table #1383

Merged
merged 2 commits into from
Jan 11, 2024
Merged

Format the issuers table #1383

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
70761de
Format the issuers table
wallrj Jan 11, 2024
3c913f6
Fix broken ACME issuer link
wallrj Jan 11, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
67 changes: 44 additions & 23 deletions content/docs/configuration/issuers.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,27 +6,29 @@ description: 'cert-manager configuration: Issuers'
The following list contains all known cert-manager issuer integrations.

<div className="rotate">
| Tier | Controller | Docs | Issuer | cert-manager<br/>version used<br/>in tutorial[^1] | Released within<br/>12 months[^2] | Is Open Source |
|------|------------|------|--------|--------|--------|--------|
| 🥇 | acme-issuer (in-tree) | [📄][config:acme-issuer] | [ACME](https://datatracker.ietf.org/doc/html/rfc8555) | [latest][production:acme-issuer] | [✔️][release:cert-manager] | ✔️ |
| 🥇 | venafi-enhanced-issuer | [📄][config:venafi-enhanced-issuer] | [Venafi TLS Protect](https://venafi.com/tls-protect/) | [v1.12.1][production:venafi-enhanced-issuer] | [✔️][release:venafi-enhanced-issuer] | ❌ |
| 🥈 | adcs-issuer | [📄][config:adcs-issuer] | [Microsoft Active Directory<br/>Certificate Service](https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/cncg/server-certs/install-the-certification-authority) | - | [✔️][release:adcs-issuer] | ✔️ |
| 🥈 | aws-privateca-issuer | [📄][config:aws-privateca-issuer] | [AWS Private Certificate Authority](https://aws.amazon.com/certificate-manager/private-certificate-authority/) | - | [✔️][release:aws-privateca-issuer] | ✔️ |
| 🥈 | ca-issuer (in-tree) | [📄][config:ca-issuer] | CA issuer | - | [✔️][release:cert-manager] | ✔️ |
| 🥈 | command-issuer | [📄][config:command-issuer] | [Keyfactor Command](https://www.keyfactor.com/products/command/) | - | [✔️][release:command-issuer] | ✔️ |
| 🥈 | ejbca-issuer | [📄][config:ejbca-issuer] | [EJBCA](https://www.ejbca.org/) | - | [✔️][release:ejbca-issuer] | ✔️ |
| 🥈 | google-cas-issuer | [📄][config:google-cas-issuer] | [Google Cloud Certificate<br/>Authority Service](https://cloud.google.com/certificate-authority-service/) | - | [✔️][release:google-cas-issuer] | ✔️ |
| 🥈 | horizon-issuer | [📄][config:horizon-issuer] | [EVERTRUST Horizon](https://evertrust.fr/horizon) | - | [✔️][release:horizon-issuer] | ✔️ |
| 🥈 | ncm-issuer | [📄][config:ncm-issuer] | [Nokia Netguard Certificate Manager](https://www.nokia.com/networks/security-portfolio/netguard/certificate-manager) | - | [✔️][release:ncm-issuer] | ✔️ |
| 🥈 | selfsigned-issuer (in-tree) | [📄][config:selfsigned-issuer] | Self-Signed issuer | - | [✔️][release:cert-manager] | ✔️ |
| 🥈 | step-issuer | [📄][config:step-issuer] | [Certificate Authority server](https://github.com/smallstep/certificates) | - | [✔️][release:step-issuer] | ✔️ |
| 🥈 | tcs-issuer | [📄][config:tcs-issuer] | [Intel's SGX technology](https://www.intel.com/content/www/us/en/developer/tools/software-guard-extensions/overview.html) | - | [✔️][release:tcs-issuer] | ✔️ |
| 🥈 | vault-issuer (in-tree) | [📄][config:vault-issuer] | [HashiCorp Vault](https://www.vaultproject.io/) | - | [✔️][release:cert-manager] | ✔️ |
| 🥈 | venafi-issuer (in-tree) | [📄][config:venafi-issuer] | [Venafi TLS Protect](https://venafi.com/tls-protect/) | - | [✔️][release:cert-manager] | ✔️ |
| 🥉 | cfssl-issuer | [📄][config:cfssl-issuer] | [CFSSL](https://github.com/cloudflare/cfssl) | - | [❌][release:cfssl-issuer] | ✔️ |
| 🥉 | freeipa-issuer | [📄][config:freeipa-issuer] | [FreeIPA](https://www.freeipa.org) | - | [❌][release:freeipa-issuer] | ✔️ |
| 🥉 | kms-issuer | [📄][config:kms-issuer] | [AWS KMS](https://aws.amazon.com/kms/) | - | [❌][release:kms-issuer] | ✔️ |
| 🥉 | origin-ca-issuer | [📄][config:origin-ca-issuer] | [Cloudflare Origin CA](https://developers.cloudflare.com/ssl/origin-configuration/origin-ca) | - | [❌][release:origin-ca-issuer] | ✔️ |

| Tier | Controller | Docs | Issuer | cert-manager<br/>version used<br/>in tutorial[^1] | Released within<br/>12 months[^2] | Is Open Source |
|------|-----------------------------|-------------------------------------|------------------------------------------------------------------------|---------------------------------------------------|-------------------------------------|----------------|
| 🥇 | acme-issuer (in-tree) | [📄][config:acme-issuer] | [ACME][ca:acme] | [latest][production:acme-issuer] | [✔️][release:cert-manager] | ✔️ |
| 🥇 | venafi-enhanced-issuer | [📄][config:venafi-enhanced-issuer] | [Venafi TLS Protect][ca:venafi-enhanced-issuer] | [v1.12.1][production:venafi-enhanced-issuer] | [✔️][release:venafi-enhanced-issuer] | ❌ |
| 🥈 | adcs-issuer | [📄][config:adcs-issuer] | [Microsoft Active Directory<br/>Certificate Service][ca:adcs-issuer] | - | [✔️][release:adcs-issuer] | ✔️ |
| 🥈 | aws-privateca-issuer | [📄][config:aws-privateca-issuer] | [AWS Private Certificate Authority][ca:aws-privateca-issuer] | - | [✔️][release:aws-privateca-issuer] | ✔️ |
| 🥈 | ca-issuer (in-tree) | [📄][config:ca-issuer] | CA issuer | - | [✔️][release:cert-manager] | ✔️ |
| 🥈 | command-issuer | [📄][config:command-issuer] | [Keyfactor Command][ca:command-issuer] | - | [✔️][release:command-issuer] | ✔️ |
| 🥈 | ejbca-issuer | [📄][config:ejbca-issuer] | [EJBCA][ca:ejbca-issuer] | - | [✔️][release:ejbca-issuer] | ✔️ |
| 🥈 | google-cas-issuer | [📄][config:google-cas-issuer] | [Google Cloud Certificate<br/>Authority Service][ca:google-cas-issuer] | - | [✔️][release:google-cas-issuer] | ✔️ |
| 🥈 | horizon-issuer | [📄][config:horizon-issuer] | [EVERTRUST Horizon][ca:horizon-issuer] | - | [✔️][release:horizon-issuer] | ✔️ |
| 🥈 | ncm-issuer | [📄][config:ncm-issuer] | [Nokia Netguard Certificate Manager][ca:ncm-issuer] | - | [✔️][release:ncm-issuer] | ✔️ |
| 🥈 | selfsigned-issuer (in-tree) | [📄][config:selfsigned-issuer] | Self-Signed issuer | - | [✔️][release:cert-manager] | ✔️ |
| 🥈 | step-issuer | [📄][config:step-issuer] | [Certificate Authority server][ca:step-issuer] | - | [✔️][release:step-issuer] | ✔️ |
| 🥈 | tcs-issuer | [📄][config:tcs-issuer] | [Intel's SGX technology][ca:tcs-issuer] | - | [✔️][release:tcs-issuer] | ✔️ |
| 🥈 | vault-issuer (in-tree) | [📄][config:vault-issuer] | [HashiCorp Vault][ca:vault-issuer] | - | [✔️][release:cert-manager] | ✔️ |
| 🥈 | venafi-issuer (in-tree) | [📄][config:venafi-issuer] | [Venafi TLS Protect][ca:venafi-issuer] | - | [✔️][release:cert-manager] | ✔️ |
| 🥉 | cfssl-issuer | [📄][config:cfssl-issuer] | [CFSSL][ca:cfssl-issuer] | - | [❌][release:cfssl-issuer] | ✔️ |
| 🥉 | freeipa-issuer | [📄][config:freeipa-issuer] | [FreeIPA][ca:freeipa-issuer] | - | [❌][release:freeipa-issuer] | ✔️ |
| 🥉 | kms-issuer | [📄][config:kms-issuer] | [AWS KMS][ca:kms-issuer] | - | [❌][release:kms-issuer] | ✔️ |
| 🥉 | origin-ca-issuer | [📄][config:origin-ca-issuer] | [Cloudflare Origin CA][ca:origin-ca-issuer] | - | [❌][release:origin-ca-issuer] | ✔️ |

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This and the earlier blank line between the markdown table and the surrounding html tags are what fix the table rendering in GitHub file preview.

Copy link
Member

@maelvls maelvls Jan 11, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the context. I have myself hit this issue of broken table due to an html tag too close to the bottom of the table multiple times.

</div>

[production:venafi-enhanced-issuer]: https://platform.jetstack.io/documentation/academy/issue-and-approve-certificates-with-venafi-control-plane
Expand All @@ -35,7 +37,7 @@ The following list contains all known cert-manager issuer integrations.
[//]: # (Configuration docs)

[config:venafi-enhanced-issuer]: https://docs.venafi.cloud/vaas/k8s-components/t-vei-install/
[config:acme-issuer]: ./acme.md
[config:acme-issuer]: ./acme/README.md
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This broken link was picked up by the link checker.
Not sure why it hadn't highlighted it in earlier PRs.


[config:aws-privateca-issuer]: https://github.com/cert-manager/aws-privateca-issuer
[config:selfsigned-issuer]: ./selfsigned.md
Expand All @@ -56,6 +58,25 @@ The following list contains all known cert-manager issuer integrations.
[config:adcs-issuer]: https://djkormo.github.io/adcs-issuer/
[config:cfssl-issuer]: https://gerrit.wikimedia.org/r/plugins/gitiles/operations/software/cfssl-issuer

[//]: # (CA docs)
[ca:acme]: https://datatracker.ietf.org/doc/html/rfc8555
[ca:venafi-enhanced-issuer]: https://venafi.com/tls-protect/
[ca:adcs-issuer]: https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/cncg/server-certs/install-the-certification-authority
[ca:aws-privateca-issuer]: https://aws.amazon.com/certificate-manager/private-certificate-authority/
[ca:command-issuer]: https://www.keyfactor.com/products/command/
[ca:ejbca-issuer]: https://www.ejbca.org/
[ca:google-cas-issuer]: https://cloud.google.com/certificate-authority-service/
[ca:horizon-issuer]: https://evertrust.fr/horizon
[ca:ncm-issuer]: https://www.nokia.com/networks/security-portfolio/netguard/certificate-manager
[ca:step-issuer]: https://github.com/smallstep/certificates
[ca:tcs-issuer]: https://www.intel.com/content/www/us/en/developer/tools/software-guard-extensions/overview.html
[ca:vault-issuer]: https://www.vaultproject.io/
[ca:venafi-issuer]: https://venafi.com/tls-protect/
[ca:cfssl-issuer]: https://github.com/cloudflare/cfssl
[ca:freeipa-issuer]: https://www.freeipa.org
[ca:kms-issuer]: https://aws.amazon.com/kms/
[ca:origin-ca-issuer]: https://developers.cloudflare.com/ssl/origin-configuration/origin-ca
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I moved all the links to the CA documentation out of the table,
to make the table easier to read and for consistency with the other links in the table which are all aliased.


[//]: # (Release pages)

[release:venafi-enhanced-issuer]: https://platform.jetstack.io/documentation/installation/venafi-enhanced-issuer/
Expand Down Expand Up @@ -96,7 +117,7 @@ of tiers at any time.

- 🥈 Tier criteria.
- The issuer has an end-to-end tutorial on how to set it up with cert-manager for use in production.
At the time of checking[^1], the used cert-manager version has to be still supported (see [Supported Releases](../releases/README.md)).
At the time of checking[^1], the used cert-manager version has to be still supported (see [Supported Releases](../releases/README.md)).
An end-to-end tutorial must include:
1. a short explanation on how to install cert-manager (including the used version and a link to [https://cert-manager.io/docs/installation/](../installation/))
2. all required steps to install the issuer
Expand Down