baseca

package
v1.0.9-2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 2, 2024 License: Apache-2.0 Imports: 45 Imported by: 0

Documentation

Index

Constants

View Source
const (
	DaysToSecondsConversion = int64(24 * 60 * 60)
)

Variables

This section is empty.

Functions

func ConfigToBytes

func ConfigToBytes(c *cav1.ServerConfig) ([]byte, error)

Types

type CA

type CA struct {
	Client controllerclient.Client
	Scheme *runtime.Scheme
	Config *config.Config

	DeploymentManager     resources.Manager
	ServiceManager        resources.Manager
	PVCManager            resources.Manager
	RoleManager           resources.Manager
	RoleBindingManager    resources.Manager
	ServiceAccountManager resources.Manager

	Override    Override
	Initializer InitializeIBPCA

	CertificateManager CertificateManager
	RenewCertTimers    map[string]*time.Timer

	Restart RestartManager
}

func New

func New(client controllerclient.Client, scheme *runtime.Scheme, config *config.Config, o Override) *CA

func (*CA) AddTLSCryptoIfMissing

func (ca *CA) AddTLSCryptoIfMissing(instance *current.IBPCA, endpoints *current.CAEndpoints) error

func (*CA) CheckCertificates

func (ca *CA) CheckCertificates(instance *current.IBPCA) (*current.CRStatus, error)

func (*CA) CheckForTLSSecret

func (ca *CA) CheckForTLSSecret(instance *current.IBPCA) error

func (*CA) CheckStates

func (ca *CA) CheckStates(instance *current.IBPCA) error

func (*CA) CreateCACryptoSecret

func (ca *CA) CreateCACryptoSecret(instance *current.IBPCA, caCrypto map[string][]byte) error

func (*CA) CreateManagers

func (ca *CA) CreateManagers()

func (*CA) CreateTLSCACryptoSecret

func (ca *CA) CreateTLSCACryptoSecret(instance *current.IBPCA, tlscaCrypto map[string][]byte) error

func (*CA) GenTLSCrypto

func (ca *CA) GenTLSCrypto(instance *current.IBPCA, endpoints *current.CAEndpoints) ([]byte, []byte, error)

func (*CA) GetEndpoints

func (ca *CA) GetEndpoints(instance *current.IBPCA) *current.CAEndpoints

func (*CA) GetEndpointsDNS

func (ca *CA) GetEndpointsDNS(instance *current.IBPCA) *current.CAEndpoints

func (*CA) GetLabels

func (ca *CA) GetLabels(instance v1.Object) map[string]string

func (*CA) HandleActions

func (ca *CA) HandleActions(instance *current.IBPCA, update Update) error

func (*CA) HandleRestart

func (ca *CA) HandleRestart(instance *current.IBPCA, update Update) error

func (*CA) Initialize

func (ca *CA) Initialize(instance *current.IBPCA, update Update) error

func (*CA) PreReconcileChecks

func (ca *CA) PreReconcileChecks(instance *current.IBPCA, update Update) (bool, error)

PreReconcileChecks validate CR request before starting reconcile flow

func (*CA) Reconcile

func (ca *CA) Reconcile(instance *current.IBPCA, update Update) (common.Result, error)

func (*CA) ReconcileFabricCAMigration

func (ca *CA) ReconcileFabricCAMigration(instance *current.IBPCA) error

func (*CA) ReconcileHSMImages

func (ca *CA) ReconcileHSMImages(instance *current.IBPCA) bool

func (*CA) ReconcileManagers

func (ca *CA) ReconcileManagers(instance *current.IBPCA, updated Update) error

func (*CA) ReconcileRBAC

func (ca *CA) ReconcileRBAC(instance *current.IBPCA) error

func (*CA) RenewCert

func (ca *CA) RenewCert(instance *current.IBPCA, endpoints *current.CAEndpoints) error

func (*CA) RestartAction

func (ca *CA) RestartAction(instance *current.IBPCA) error

func (*CA) SelectRegion

func (ca *CA) SelectRegion(instance *current.IBPCA) (bool, error)

func (*CA) SelectZone

func (ca *CA) SelectZone(instance *current.IBPCA) (bool, error)

func (*CA) SetVersion

func (ca *CA) SetVersion(instance *current.IBPCA) (bool, error)

func (*CA) UpdateConnectionProfile

func (ca *CA) UpdateConnectionProfile(instance *current.IBPCA) error

func (*CA) UpdateConnectionProfileConfigmap

func (ca *CA) UpdateConnectionProfileConfigmap(instance *current.IBPCA, endpoints current.CAEndpoints, tlscert, cacert, tlscacert string) error

type CertificateManager

type CertificateManager interface {
	GetDurationToNextRenewalForCert(string, []byte, v1.Object, int64) (time.Duration, error)
	GetSecret(string, string) (*corev1.Secret, error)
	Expires([]byte, int64) (bool, time.Time, error)
	UpdateSecret(v1.Object, string, map[string][]byte) error
}

type IBPCA

type IBPCA interface {
	Initialize(instance *current.IBPCA, update Update) error
	PreReconcileChecks(instance *current.IBPCA, update Update) (bool, error)
	ReconcileManagers(instance *current.IBPCA, update Update) error
	Reconcile(instance *current.IBPCA, update Update) (common.Result, error)
}

type Initialize

type Initialize struct {
	Config *initializer.Config
	Scheme *runtime.Scheme
	Labels func(instance v1.Object) map[string]string

	Initializer Initializer
	Client      k8sclient.Client
}

func NewInitializer

func NewInitializer(config *initializer.Config, scheme *runtime.Scheme, client k8sclient.Client, labels func(instance v1.Object) map[string]string, timeouts initializer.HSMInitJobTimeouts) *Initialize

func (*Initialize) CreateConfigResources

func (i *Initialize) CreateConfigResources(name string, instance *current.IBPCA, resp *initializer.Response) error

func (*Initialize) CreateEnrollmentCAConfig

func (i *Initialize) CreateEnrollmentCAConfig(instance *current.IBPCA) (*initializer.Response, error)

func (*Initialize) CreateOrUpdateConfigMap

func (i *Initialize) CreateOrUpdateConfigMap(instance *current.IBPCA, data map[string][]byte, name string) error

func (*Initialize) CreateOrUpdateCryptoSecret

func (i *Initialize) CreateOrUpdateCryptoSecret(instance *current.IBPCA, caCrypto map[string][]byte, name string) error

func (*Initialize) CreateTLSCAConfig

func (i *Initialize) CreateTLSCAConfig(instance *current.IBPCA) (*initializer.Response, error)

func (*Initialize) GetCryptoSecret

func (i *Initialize) GetCryptoSecret(instance *current.IBPCA, name string) (*corev1.Secret, error)

func (*Initialize) GetEnrollmentInitCA

func (i *Initialize) GetEnrollmentInitCA(instance *current.IBPCA, data []byte) (*initializer.CA, error)

func (*Initialize) GetTLSInitCA

func (i *Initialize) GetTLSInitCA(instance *current.IBPCA, data []byte) (*initializer.CA, error)

func (*Initialize) HandleConfigResources

func (i *Initialize) HandleConfigResources(name string, instance *current.IBPCA, resp *initializer.Response, update Update) error

func (*Initialize) HandleEnrollmentCAInit

func (i *Initialize) HandleEnrollmentCAInit(instance *current.IBPCA, update Update) (*initializer.Response, error)

func (*Initialize) HandleTLSCAInit

func (i *Initialize) HandleTLSCAInit(instance *current.IBPCA, update Update) (*initializer.Response, error)

func (*Initialize) MergeCryptoMaterial

func (i *Initialize) MergeCryptoMaterial(current map[string][]byte, updated map[string][]byte) map[string][]byte

func (*Initialize) ReadConfigMap

func (i *Initialize) ReadConfigMap(instance *current.IBPCA, name string) (*corev1.ConfigMap, error)

func (*Initialize) SecretExists

func (i *Initialize) SecretExists(instance *current.IBPCA, name string) bool

func (*Initialize) SyncDBConfig

func (i *Initialize) SyncDBConfig(orig *current.IBPCA) (*current.IBPCA, error)

func (*Initialize) UpdateConfigResources

func (i *Initialize) UpdateConfigResources(name string, instance *current.IBPCA, resp *initializer.Response) error

func (*Initialize) UpdateEnrollmentCAConfig

func (i *Initialize) UpdateEnrollmentCAConfig(instance *current.IBPCA) (*initializer.Response, error)

func (*Initialize) UpdateTLSCAConfig

func (i *Initialize) UpdateTLSCAConfig(instance *current.IBPCA) (*initializer.Response, error)

type InitializeIBPCA

type InitializeIBPCA interface {
	HandleEnrollmentCAInit(instance *current.IBPCA, update Update) (*initializer.Response, error)
	HandleConfigResources(name string, instance *current.IBPCA, resp *initializer.Response, update Update) error
	HandleTLSCAInit(instance *current.IBPCA, update Update) (*initializer.Response, error)
	SyncDBConfig(*current.IBPCA) (*current.IBPCA, error)
	CreateOrUpdateConfigMap(instance *current.IBPCA, data map[string][]byte, name string) error
	ReadConfigMap(instance *current.IBPCA, name string) (*corev1.ConfigMap, error)
}

type RestartManager

type RestartManager interface {
	ForConfigOverride(instance v1.Object) error
	TriggerIfNeeded(instance restart.Instance) error
	ForTLSReenroll(instance v1.Object) error
	ForRestartAction(instance v1.Object) error
}

type Update

type Update interface {
	SpecUpdated() bool
	CAOverridesUpdated() bool
	TLSCAOverridesUpdated() bool
	ConfigOverridesUpdated() bool
	RestartNeeded() bool
	CACryptoUpdated() bool
	CACryptoCreated() bool
	RenewTLSCert() bool
	FabricVersionUpdated() bool
	ImagesUpdated() bool
	CATagUpdated() bool
}

Directories

Path Synopsis
Code generated by counterfeiter.
Code generated by counterfeiter.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL