tls

package
v0.0.0-...-4cabb59 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 8, 2025 License: EPL-2.0 Imports: 34 Imported by: 0

Documentation

Index

Constants

View Source
const (
	CheTLSJobServiceAccountName = "che-tls-job-service-account"
	CheTLSJobRoleName           = "che-tls-job-role"
	CheTLSJobRoleBindingName    = "che-tls-job-role-binding"
	CheTLSJobName               = "che-tls-job"
	CheTLSJobComponentName      = "che-create-tls-secret-job"
)

TLS related constants

View Source
const (

	// The ConfigMap name for merged CA bundle certificates
	CheMergedCABundleCertsCMName = "ca-certs-merged"
)

Variables

This section is empty.

Functions

func CreateTLSSecret

func CreateTLSSecret(ctx *chetypes.DeployContext, name string) (err error)

CreateTLSSecret creates TLS secret with given name. Does nothing if secret with given name already exists.

func GetAdditionalCACertsConfigMapVersion

func GetAdditionalCACertsConfigMapVersion(ctx *chetypes.DeployContext) string

GetAdditionalCACertsConfigMapVersion returns revision of merged additional CA certs config map

func GetCheCABundles

func GetCheCABundles(client k8sclient.Client, namespace string) ([]corev1.ConfigMap, error)

GetCheCABundles returns list of config maps with additional CA certificates that should be trusted by Che The selection is based on the specific label

func GetTLSCrtBytes

func GetTLSCrtBytes(ctx *chetypes.DeployContext) (certificates []byte, err error)

GetTLSCrtBytes extracts certificate chain of trust from the test route/ingress.

func GetTLSCrtChain

func GetTLSCrtChain(ctx *chetypes.DeployContext) ([]*x509.Certificate, error)

GetTLSCrtChain retrieves TLS certificates chain from a test route/ingress.

func IsSelfSignedCASecretExists

func IsSelfSignedCASecretExists(ctx *chetypes.DeployContext) (bool, error)

IsSelfSignedCASecretExists checks if CheTLSSelfSignedCertificateSecretName exists so depending components can mount it

func IsSelfSignedCertificateUsed

func IsSelfSignedCertificateUsed(ctx *chetypes.DeployContext) (bool, error)

IsSelfSignedCertificateUsed detects whether endpoints are/should be secured by self-signed certificate.

func K8sHandleCheTLSSecrets

func K8sHandleCheTLSSecrets(ctx *chetypes.DeployContext) (reconcile.Result, error)

K8sHandleCheTLSSecrets handles TLS secrets required for Che deployment on Kubernetes infrastructure.

func SyncTLSRoleToCluster

func SyncTLSRoleToCluster(ctx *chetypes.DeployContext) (bool, error)

Types

type CertificatesReconciler

type CertificatesReconciler struct {
	deploy.Reconcilable
	// contains filtered or unexported fields
}

func NewCertificatesReconciler

func NewCertificatesReconciler() *CertificatesReconciler

func (*CertificatesReconciler) Finalize

func (*CertificatesReconciler) Reconcile

type TlsSecretReconciler

type TlsSecretReconciler struct {
	deploy.Reconcilable
}

func NewTlsSecretReconciler

func NewTlsSecretReconciler() *TlsSecretReconciler

func (*TlsSecretReconciler) Finalize

func (t *TlsSecretReconciler) Finalize(ctx *chetypes.DeployContext) bool

func (*TlsSecretReconciler) Reconcile

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL