csrctrl

package
v0.0.0-...-e1a04f4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 8, 2024 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Overview

An example implementation of a CSR Controller.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type CertificateAuthority

type CertificateAuthority struct {

	// Chain including the signing CA (as leaf), up to the roots
	// tls.crt
	Chain []byte

	// Roots contains the ca.crt
	Roots []byte
	Key   []byte

	Certificate *x509.Certificate

	PrivateKey crypto.Signer
}

CertificateAuthority implements a certificate authority that supports policy based signing. It's used by the signing controller.

func (*CertificateAuthority) Init

func (ca *CertificateAuthority) Init() (err error)

func (*CertificateAuthority) Sign

func (ca *CertificateAuthority) Sign(crDER []byte) ([]byte, error)

Sign signs a certificate request, applying a SigningPolicy and returns a DER encoded x509 certificate.

func (*CertificateAuthority) SignCSR

func (s *CertificateAuthority) SignCSR(x509cr *x509.CertificateRequest) ([]byte, error)

SingCSR signs the certificate and returns a full chain.

type K8SSigner

type K8SSigner struct {
	K8SClient *kubernetes.Clientset
	Name      string
	Signer    *CertificateAuthority
	// contains filtered or unexported fields
}

func (*K8SSigner) OnAdd

func (k *K8SSigner) OnAdd(obj interface{}, isInInitialList bool)

func (K8SSigner) OnDelete

func (k K8SSigner) OnDelete(obj interface{})

func (*K8SSigner) OnUpdate

func (k *K8SSigner) OnUpdate(oldObj, newObj interface{})

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL