Documentation
¶
Index ¶
Constants ¶
View Source
const ( // The Istio secret annotation type IstioSecretType = "istio.io/key-and-cert" // The ID/name for the certificate chain file. CertChainID = "cert-chain.pem" // The ID/name for the private key file. PrivateKeyID = "key.pem" // The ID/name for the CA root certificate file. RootCertID = "root-cert.pem" // The key to specify corresponding service account in the annotation of K8s secrets. ServiceAccountNameAnnotationKey = "istio.io/service-account.name" )
#nosec: disable gas linter
Variables ¶
This section is empty.
Functions ¶
func GetSecretName ¶
GetSecretName returns the secret name for a given service account name.
Types ¶
type DNSNameEntry ¶
DNSNameEntry stores the service name and namespace to construct the DNS id.
type SecretController ¶
type SecretController struct {
// contains filtered or unexported fields
}
SecretController manages the service accounts' secrets that contains Istio keys and certificates.
func NewSecretController ¶
func NewSecretController(ca ca.CertificateAuthority, certTTL time.Duration, gracePeriodRatio float32, minGracePeriod time.Duration, core corev1.CoreV1Interface, namespace string, dnsNames map[string]DNSNameEntry) (*SecretController, error)
NewSecretController returns a pointer to a newly constructed SecretController instance.
func (*SecretController) Run ¶
func (sc *SecretController) Run(stopCh chan struct{})
Run starts the SecretController until a value is sent to stopCh.
Source Files
Click to show internal directories.
Click to hide internal directories.