csi-driver

module

v0.8.0 Latest Latest Go to latest Published: Mar 27, 2024 License: Apache-2.0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/cert-manager/csi-driver

Links

Open Source Insights

README ¶

csi-driver

csi-driver is a Container Storage Interface (CSI) driver plugin for Kubernetes to work along cert-manager. The goal for this plugin is to facilitate requesting and mounting certificate key pairs to pods seamlessly. This is useful for facilitating mTLS, or otherwise securing connections of pods with guaranteed present certificates whilst having all of the features that cert-manager provides.

Why a CSI Driver?

Ensure private keys never leave the node and are never sent over the network. All private keys are stored locally on the node.
Unique key and certificate per application replica with a grantee to be present on application run time.
Reduce resource management overhead by defining certificate request spec in-line of the Kubernetes Pod template.
Automatic renewal of certificates based on expiry of each individual certificate.
Keys and certificates are destroyed during application termination.
Scope for extending plugin behaviour with visibility on each replica's certificate request and termination.

Documentation

Please follow the documentation at cert-manager.io for installing and using csi-driver.

Release Process

There is a semi-automated release process for csi-driver. When you create a Git tag with a tagname that has a v prefix and push it to GitHub it will trigger the release workflow.

This will:

Create and push a Docker image to quay.io/jetstack/cert-manager-csi-driver:${{ github.ref_name }}
Create a Helm chart
Create a draft GitHub release with the Helm chart file attached and containing a reference to the Docker image.

To perform a release:

Create and push a Git tag

export VERSION=v0.5.0-alpha.0
git tag --annotate --message="Release ${VERSION}" "${VERSION}"
git push origin "${VERSION}"

Wait for the release workflow to succeed and if successful visit the draft release page to download the attached Helm chart attachment.
Create a PR in the jetstack/jetstack-charts repository on GitHub, containing the Helm chart file that is attached to the draft GitHub release. This is only currently possible for maintainers inside Venafi, but will be changed in the future.
Wait for the PR to be merged and verify that the Helm chart is available from https://charts.jetstack.io.
Visit the releases page, edit the draft release, click "Generate release notes", and publish the release.

Directories ¶

Path	Synopsis
cmd
app
app/options
internal
version
pkg
apis
apis/defaults
apis/v1alpha1
apis/validation
filestore
keygen
keystore/pkcs12
requestgen
test
e2e/environment
e2e/framework
e2e/framework/config
e2e/framework/helper
e2e/framework/log
e2e/framework/util
e2e/suite
e2e/suite/cases
e2e/util
unit

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL