GO-2024-2859: source-controller leaks Azure Storage SAS token into logs in github.com/fluxcd/source-controller

tls

package

v1.2.1 Latest Latest Go to latest Published: Dec 8, 2023 License: Apache-2.0 Imports: 5 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/fluxcd/source-controller

Links

Open Source Insights

Documentation ¶

Constants ¶

View Source

const CACrtKey = "ca.crt"

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type TLSBytes ¶

type TLSBytes struct {
	// CertBytes is the bytes of the certificate file.
	CertBytes []byte
	// KeyBytes is the bytes of the key file.
	KeyBytes []byte
	// CABytes is the bytes of the CA file.
	CABytes []byte
}

TLSBytes contains the bytes of the TLS files.

func KubeTLSClientConfigFromSecret ¶

func KubeTLSClientConfigFromSecret(secret corev1.Secret, url string) (*tls.Config, *TLSBytes, error)

KubeTLSClientConfigFromSecret returns a TLS client config as a `tls.Config` object and in its bytes representation. The secret is expected to have the following keys: - tls.key, for the private key - tls.crt, for the certificate - ca.crt, for the CA certificate

Secrets with no certificate, private key, AND CA cert are ignored. If only a certificate OR private key is found, an error is returned. The Secret type can be blank, Opaque or kubernetes.io/tls.

func LegacyTLSClientConfigFromSecret ¶ added in v1.1.1

func LegacyTLSClientConfigFromSecret(secret corev1.Secret, url string) (*tls.Config, *TLSBytes, error)

LegacyTLSClientConfigFromSecret returns a TLS client config as a `tls.Config` object and in its bytes representation. The secret is expected to have the following keys: - keyFile, for the private key - certFile, for the certificate - caFile, for the CA certificate

Secrets with no certificate, private key, AND CA cert are ignored. If only a certificate OR private key is found, an error is returned.

func TLSClientConfigFromSecret ¶

func TLSClientConfigFromSecret(secret corev1.Secret, url string) (*tls.Config, *TLSBytes, error)

TLSClientConfigFromSecret returns a TLS client config as a `tls.Config` object and in its bytes representation. The secret is expected to have the following keys: - keyFile, for the private key - certFile, for the certificate - caFile, for the CA certificate

Secrets with no certificate, private key, AND CA cert are ignored. If only a certificate OR private key is found, an error is returned. The Secret type can be blank, Opaque or kubernetes.io/tls.

Source Files ¶

View all Source files

config.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL