apiext

package
v2.2.0-rc.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 10, 2022 License: Apache-2.0 Imports: 41 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ConfigureCRDs

func ConfigureCRDs(
	ctx context.Context,
	restConfig *rest.Config,
	serviceName, serviceNamespace string,
	caSecret *k8sTypesCoreV1.Secret,
	scheme *k8sRuntime.Scheme,
) error

ConfigureCRDs uses 'restConfig' to look at all CustomResourceDefinitions that are mentioned in 'scheme', and adjusts each of their .spec.conversion.webhook.clientConfig.caBundle to match the "tls.crt" field in 'caSecret'.

func LogLevelIsAtLeastDebug added in v2.1.2

func LogLevelIsAtLeastDebug() bool

func Main

func Main(ctx context.Context, version string, args ...string) error

Main is a `github.com/datawire/ambassador/v2/pkg/busy`-compatible wrapper around 'Run()', using values appropriate for the stock Emissary.

func PodNamespace

func PodNamespace() string

PodNamespace is borrowed from "k8s.io/client-go/tools/clientcmd".inClusterConfig.Namespace()

func Run

func Run(ctx context.Context, namespace, svcname string, httpPort, httpsPort int, scheme *k8sRuntime.Scheme) error

Run runs the Emissary apiext server process, but takes enough arguments that you should be able to reuse it to implement your own apiext server.

func ServeHTTP

func ServeHTTP(ctx context.Context, port int) error

func ServeHTTPS

func ServeHTTPS(ctx context.Context, port int, ca *CA, scheme *k8sRuntime.Scheme) error

Types

type CA

type CA struct {
	Cert *x509.Certificate
	Key  *rsa.PrivateKey
	// contains filtered or unexported fields
}

CA is a Certificat Authority that can mint new TLS certificates.

func EnsureCA

func EnsureCA(ctx context.Context, restConfig *rest.Config, namespace string) (*CA, *k8sTypesCoreV1.Secret, error)

EnsureCA ensures that a Kubernetes Secret named "emissary-ingress-webhook-ca" exists in the given namespace (creating it if it doesn't), and returns both the Secret itself and a CA using the information from the Secret.

func (*CA) GenServerCert

func (ca *CA) GenServerCert(ctx context.Context, hostname string) (*tls.Certificate, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL