v1alpha1

package
v1.16.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 20, 2024 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Overview

+k8s:deepcopy-gen=package,register

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Duration

type Duration struct {
	// Duration holds the duration
	Duration metav1.Duration
}

Duration is present for backwards compatibility for fields that previously used time.Duration. +k8s:conversion-gen=false +kubebuilder:validation:XIntOrString

func DurationFromMetav1

func DurationFromMetav1(d metav1.Duration) *Duration

func DurationFromTime

func DurationFromTime(d time.Duration) *Duration

func (*Duration) DeepCopy

func (in *Duration) DeepCopy() *Duration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Duration.

func (*Duration) DeepCopyInto

func (in *Duration) DeepCopyInto(out *Duration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Duration) IsZero

func (t *Duration) IsZero() bool

func (*Duration) MarshalJSON

func (t *Duration) MarshalJSON() ([]byte, error)

func (*Duration) UnmarshalJSON

func (t *Duration) UnmarshalJSON(b []byte) error

type DynamicServingConfig

type DynamicServingConfig struct {
	// Namespace of the Kubernetes Secret resource containing the TLS certificate
	// used as a CA to sign dynamic serving certificates.
	SecretNamespace string `json:"secretNamespace,omitempty"`

	// Secret resource name containing the TLS certificate
	// used as a CA to sign dynamic serving certificates.
	SecretName string `json:"secretName,omitempty"`

	// DNSNames that must be present on serving certificates signed by the CA.
	DNSNames []string `json:"dnsNames,omitempty"`

	// LeafDuration is a customizable duration on serving certificates signed by the CA.
	LeafDuration *Duration `json:"leafDuration,omitempty"`
}

DynamicServingConfig makes the controller generate a CA and persist it into Secret resources. This CA will be used by all instances of the controller for signing serving certificates.

func (*DynamicServingConfig) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DynamicServingConfig.

func (*DynamicServingConfig) DeepCopyInto

func (in *DynamicServingConfig) DeepCopyInto(out *DynamicServingConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FilesystemServingConfig

type FilesystemServingConfig struct {
	// Path to a file containing TLS certificate & chain to serve with
	CertFile string `json:"certFile,omitempty"`

	// Path to a file containing a TLS private key to serve with
	KeyFile string `json:"keyFile,omitempty"`
}

FilesystemServingConfig enables using a certificate and private key found on the local filesystem. These files will be periodically polled in case they have changed, and dynamically reloaded.

func (*FilesystemServingConfig) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FilesystemServingConfig.

func (*FilesystemServingConfig) DeepCopyInto

func (in *FilesystemServingConfig) DeepCopyInto(out *FilesystemServingConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LeaderElectionConfig

type LeaderElectionConfig struct {
	// If true, cert-manager will perform leader election between instances to
	// ensure no more than one instance of cert-manager operates at a time
	Enabled *bool `json:"enabled,omitempty"`

	// Namespace used to perform leader election. Only used if leader election is enabled
	Namespace string `json:"namespace,omitempty"`

	// The duration that non-leader candidates will wait after observing a leadership
	// renewal until attempting to acquire leadership of a led but unrenewed leader
	// slot. This is effectively the maximum duration that a leader can be stopped
	// before it is replaced by another candidate. This is only applicable if leader
	// election is enabled.
	LeaseDuration *Duration `json:"leaseDuration,omitempty"`

	// The interval between attempts by the acting master to renew a leadership slot
	// before it stops leading. This must be less than or equal to the lease duration.
	// This is only applicable if leader election is enabled.
	RenewDeadline *Duration `json:"renewDeadline,omitempty"`

	// The duration the clients should wait between attempting acquisition and renewal
	// of a leadership. This is only applicable if leader election is enabled.
	RetryPeriod *Duration `json:"retryPeriod,omitempty"`
}

func (*LeaderElectionConfig) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LeaderElectionConfig.

func (*LeaderElectionConfig) DeepCopyInto

func (in *LeaderElectionConfig) DeepCopyInto(out *LeaderElectionConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TLSConfig

type TLSConfig struct {
	// cipherSuites is the list of allowed cipher suites for the server.
	// Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants).
	// If not specified, the default for the Go version will be used and may change over time.
	CipherSuites []string `json:"cipherSuites,omitempty"`

	// minTLSVersion is the minimum TLS version supported.
	// Values are from tls package constants (https://golang.org/pkg/crypto/tls/#pkg-constants).
	// If not specified, the default for the Go version will be used and may change over time.
	MinTLSVersion string `json:"minTLSVersion,omitempty"`

	// Filesystem enables using a certificate and private key found on the local filesystem.
	// These files will be periodically polled in case they have changed, and dynamically reloaded.
	Filesystem FilesystemServingConfig `json:"filesystem"`

	// When Dynamic serving is enabled, the controller will generate a CA used to sign
	// certificates and persist it into a Kubernetes Secret resource (for other replicas of the
	// controller to consume).
	// It will then generate a certificate in-memory for itself using this CA to serve with.
	Dynamic DynamicServingConfig `json:"dynamic"`
}

TLSConfig configures how TLS certificates are sourced for serving. Only one of 'filesystem' or 'dynamic' may be specified.

func (*TLSConfig) DeepCopy

func (in *TLSConfig) DeepCopy() *TLSConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSConfig.

func (*TLSConfig) DeepCopyInto

func (in *TLSConfig) DeepCopyInto(out *TLSConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL