secretfetcher

package
v0.0.0-...-fe632b3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 26, 2020 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

View Source
const (

	// IngressGatewaySdsCaSuffix is the suffix of the sds resource name for root CA. All resource
	// names for ingress gateway root certs end with "-cacert".
	IngressGatewaySdsCaSuffix = "-cacert"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type SecretFetcher

type SecretFetcher struct {
	// If UseCaClient is true, use caClient to send CSR to CA.
	UseCaClient bool
	CaClient    caClientInterface.Client

	// Add all entries containing secretName in SecretCache. Called when K8S secret is added.
	AddCache func(secretName string, ns model.SecretItem)
	// Delete all entries containing secretName in SecretCache. Called when K8S secret is deleted.
	DeleteCache func(secretName string)
	// Update all entries containing secretName in SecretCache. Called when K8S secret is updated.
	UpdateCache func(secretName string, ns model.SecretItem)
	// contains filtered or unexported fields
}

SecretFetcher fetches secret via watching k8s secrets or sending CSR to CA.

func NewSecretFetcher

func NewSecretFetcher(ingressGatewayAgent bool, endpoint, CAProviderName string, tlsFlag bool,
	tlsRootCert []byte, vaultAddr, vaultRole, vaultAuthPath, vaultSignCsrPath string) (*SecretFetcher, error)

NewSecretFetcher returns a pointer to a newly constructed SecretFetcher instance.

func (*SecretFetcher) AddSecret

func (sf *SecretFetcher) AddSecret(obj interface{})

AddSecret adds obj into local store. Only used for testing.

func (*SecretFetcher) FindIngressGatewaySecret

func (sf *SecretFetcher) FindIngressGatewaySecret(key string) (secret model.SecretItem, ok bool)

FindIngressGatewaySecret returns the secret for a k8sKeyA, or empty secret if no secret is present. The ok result indicates whether secret was found.

func (*SecretFetcher) Init

func (sf *SecretFetcher) Init(core corev1.CoreV1Interface)

Init initializes SecretFetcher to watch kubernetes secrets.

func (*SecretFetcher) Run

func (sf *SecretFetcher) Run(ch chan struct{})

Run starts the SecretFetcher until a value is sent to ch. Only used when watching kubernetes gateway secrets.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL