Documentation
¶
Index ¶
- Constants
- func CreateTLSSecret(ctx *chetypes.DeployContext, name string) (err error)
- func GetAdditionalCACertsConfigMapVersion(ctx *chetypes.DeployContext) string
- func GetCheCABundles(client k8sclient.Client, namespace string) ([]corev1.ConfigMap, error)
- func GetTLSCrtBytes(ctx *chetypes.DeployContext) (certificates []byte, err error)
- func GetTLSCrtChain(ctx *chetypes.DeployContext) ([]*x509.Certificate, error)
- func IsSelfSignedCASecretExists(ctx *chetypes.DeployContext) (bool, error)
- func IsSelfSignedCertificateUsed(ctx *chetypes.DeployContext) (bool, error)
- func K8sHandleCheTLSSecrets(ctx *chetypes.DeployContext) (reconcile.Result, error)
- func SyncTLSRoleToCluster(ctx *chetypes.DeployContext) (bool, error)
- type CertificatesReconciler
- type TlsSecretReconciler
Constants ¶
const ( CheTLSJobServiceAccountName = "che-tls-job-service-account" CheTLSJobRoleName = "che-tls-job-role" CheTLSJobRoleBindingName = "che-tls-job-role-binding" CheTLSJobName = "che-tls-job" CheTLSJobComponentName = "che-create-tls-secret-job" )
TLS related constants
const (
// The ConfigMap name for merged CA bundle certificates
CheMergedCABundleCertsCMName = "ca-certs-merged"
)
Variables ¶
This section is empty.
Functions ¶
func CreateTLSSecret ¶
func CreateTLSSecret(ctx *chetypes.DeployContext, name string) (err error)
CreateTLSSecret creates TLS secret with given name. Does nothing if secret with given name already exists.
func GetAdditionalCACertsConfigMapVersion ¶
func GetAdditionalCACertsConfigMapVersion(ctx *chetypes.DeployContext) string
GetAdditionalCACertsConfigMapVersion returns revision of merged additional CA certs config map
func GetCheCABundles ¶
GetCheCABundles returns list of config maps with additional CA certificates that should be trusted by Che The selection is based on the specific label
func GetTLSCrtBytes ¶
func GetTLSCrtBytes(ctx *chetypes.DeployContext) (certificates []byte, err error)
GetTLSCrtBytes extracts certificate chain of trust from the test route/ingress.
func GetTLSCrtChain ¶
func GetTLSCrtChain(ctx *chetypes.DeployContext) ([]*x509.Certificate, error)
GetTLSCrtChain retrieves TLS certificates chain from a test route/ingress.
func IsSelfSignedCASecretExists ¶
func IsSelfSignedCASecretExists(ctx *chetypes.DeployContext) (bool, error)
IsSelfSignedCASecretExists checks if CheTLSSelfSignedCertificateSecretName exists so depending components can mount it
func IsSelfSignedCertificateUsed ¶
func IsSelfSignedCertificateUsed(ctx *chetypes.DeployContext) (bool, error)
IsSelfSignedCertificateUsed detects whether endpoints are/should be secured by self-signed certificate.
func K8sHandleCheTLSSecrets ¶
func K8sHandleCheTLSSecrets(ctx *chetypes.DeployContext) (reconcile.Result, error)
K8sHandleCheTLSSecrets handles TLS secrets required for Che deployment on Kubernetes infrastructure.
func SyncTLSRoleToCluster ¶
func SyncTLSRoleToCluster(ctx *chetypes.DeployContext) (bool, error)
Types ¶
type CertificatesReconciler ¶
type CertificatesReconciler struct {
deploy.Reconcilable
// contains filtered or unexported fields
}
func NewCertificatesReconciler ¶
func NewCertificatesReconciler() *CertificatesReconciler
func (*CertificatesReconciler) Finalize ¶
func (c *CertificatesReconciler) Finalize(ctx *chetypes.DeployContext) bool
func (*CertificatesReconciler) Reconcile ¶
func (c *CertificatesReconciler) Reconcile(ctx *chetypes.DeployContext) (reconcile.Result, bool, error)
type TlsSecretReconciler ¶
type TlsSecretReconciler struct {
deploy.Reconcilable
}
func NewTlsSecretReconciler ¶
func NewTlsSecretReconciler() *TlsSecretReconciler
func (*TlsSecretReconciler) Finalize ¶
func (t *TlsSecretReconciler) Finalize(ctx *chetypes.DeployContext) bool
func (*TlsSecretReconciler) Reconcile ¶
func (t *TlsSecretReconciler) Reconcile(ctx *chetypes.DeployContext) (reconcile.Result, bool, error)
Source Files