core

package
v0.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 7, 2020 License: Apache-2.0, MIT Imports: 19 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// OptDefaultIssuer is the default-issuer command line option.
	OptDefaultIssuer = "default-issuer"
	// OptIssuerNamespace is the issuer namespace command line option.
	OptIssuerNamespace = "issuer-namespace"
	// OptDNSNamespace is the DNS namespace command line option.
	OptDNSNamespace = "dns-namespace"
	// OptDNSClass is the DNS class command line option.
	OptDNSClass = "dns-class"
	// OptDNSOwnerID is the DNS owner identifier command line option.
	OptDNSOwnerID = "dns-owner-id"
	// OptDefaultIssuerDomainRanges are the domain ranges the default issuer is restricted to.
	OptDefaultIssuerDomainRanges = "default-issuer-domain-ranges"
	// OptRenewalWindow is the renewal window command line option.
	OptRenewalWindow = "renewal-window"
	// OptCascadeDelete is the cascade delete command line option.
	OptCascadeDelete = "cascade-delete"
	// OptPrecheckNameservers is a command line option to specify the DNS nameservers to check DNS propagation of the DNS challenge.
	OptPrecheckNameservers = "precheck-nameservers"
	// OptPrecheckAdditionalWait is a command line option to specify an additional wait time after DNS propagation check.
	OptPrecheckAdditionalWait = "precheck-additional-wait"
	// OptDefaultRequestsPerDayQuota allows to set a default value for requestsPerDayQuota if not set explicitly in the issuer spec.
	OptDefaultRequestsPerDayQuota = "default-requests-per-day-quota"
	// OptPropagationTimeout is the propagation timeout for the DNS01 challenge.
	OptPropagationTimeout = "propagation-timeout"
)

Variables

This section is empty.

Functions

func NewHandlerSupport

func NewHandlerSupport(c controller.Interface, factories ...IssuerHandlerFactory) (*CompoundHandler, *Support, error)

NewHandlerSupport creates CompoundHandler and Support

func NormalizeNamespace

func NormalizeNamespace(namespace string) string

NormalizeNamespace returns the namespace or "default" for an empty input.

Types

type AssociatedObjects

type AssociatedObjects struct {
	// contains filtered or unexported fields
}

AssociatedObjects stores bidi-associations between source and dest.

func NewAssociatedObjects

func NewAssociatedObjects() *AssociatedObjects

NewAssociatedObjects creates an AssociatedObjects

func (*AssociatedObjects) AddAssoc

func (ao *AssociatedObjects) AddAssoc(src, dst resources.ObjectName)

AddAssoc adds an association.

func (*AssociatedObjects) DestinationsAsArray

func (ao *AssociatedObjects) DestinationsAsArray(src resources.ObjectName) []resources.ObjectName

DestinationsAsArray returns all destinations for the given source.

func (*AssociatedObjects) DestinationsCount

func (ao *AssociatedObjects) DestinationsCount(src resources.ObjectName) int

DestinationsCount counts the destinations for the given source.

func (*AssociatedObjects) RemoveByDest

func (ao *AssociatedObjects) RemoveByDest(dst resources.ObjectName)

RemoveByDest removes an association by dest.

func (*AssociatedObjects) RemoveBySource

func (ao *AssociatedObjects) RemoveBySource(src resources.ObjectName)

RemoveBySource removes an association by src.

func (*AssociatedObjects) Sources

func (ao *AssociatedObjects) Sources() []resources.ObjectName

Sources returns all sources.

type CompoundHandler

type CompoundHandler struct {
	// contains filtered or unexported fields
}

CompoundHandler is an array of IssuerHandler

func (*CompoundHandler) DeletedIssuer

DeletedIssuer deletes an issuer

func (*CompoundHandler) DeletedSecret

DeletedSecret updates issuers on deleted secret

func (*CompoundHandler) ReconcileIssuer

func (h *CompoundHandler) ReconcileIssuer(logger logger.LogContext, obj resources.Object) reconcile.Status

ReconcileIssuer reconciles an issuer and forward it to the correct IssuerHandler

func (*CompoundHandler) ReconcileSecret

func (h *CompoundHandler) ReconcileSecret(logger logger.LogContext, obj resources.Object) reconcile.Status

ReconcileSecret reconciles secrets (for issuers)

type Enqueuer

type Enqueuer interface {
	EnqueueKey(key resources.ClusterObjectKey) error
}

Enqueuer is an interface to allow enqueue a key

type IssuerHandler

type IssuerHandler interface {
	Type() string
	CanReconcile(issuer *api.Issuer) bool
	Reconcile(logger logger.LogContext, obj resources.Object, issuer *api.Issuer) reconcile.Status
}

IssuerHandler can reconcile issuers.

type IssuerHandlerFactory

type IssuerHandlerFactory func(support *Support) (IssuerHandler, error)

IssuerHandlerFactory is a function type to create an issuer handler

type Quotas added in v0.2.16

type Quotas struct {
	// contains filtered or unexported fields
}

Quotas stores references issuer quotas.

func NewQuotas added in v0.2.16

func NewQuotas() *Quotas

NewQuotas create a Quotas

func (*Quotas) RememberQuotas added in v0.2.16

func (q *Quotas) RememberQuotas(issuerName resources.ObjectName, requestsPerDay int)

RememberQuotas stores the requests per days quota and creates a new ratelimiter if the quota changed.

func (*Quotas) RemoveIssuer added in v0.2.16

func (q *Quotas) RemoveIssuer(issuerName resources.ObjectName)

RemoveIssuer removes all secretRefs for an issuer.

func (*Quotas) RequestsPerDay added in v0.2.16

func (q *Quotas) RequestsPerDay(issuerName resources.ObjectName) int

RequestsPerDay gets the request per day quota

func (*Quotas) TryAccept added in v0.2.16

func (q *Quotas) TryAccept(issuerName resources.ObjectName) (bool, int)

TryAccept tries to accept a certificate request according to the quotas. Returns true if accepted and the requests per days quota value

type ReferencedSecrets

type ReferencedSecrets struct {
	// contains filtered or unexported fields
}

ReferencedSecrets stores references between issuers and their secrets.

func NewReferencedSecrets

func NewReferencedSecrets() *ReferencedSecrets

NewReferencedSecrets create a ReferencedSecrets

func (*ReferencedSecrets) GetIssuerSecretHash

func (rs *ReferencedSecrets) GetIssuerSecretHash(issuerName resources.ObjectName) string

GetIssuerSecretHash gets the for an issuer secret

func (*ReferencedSecrets) IssuerNamesFor

func (rs *ReferencedSecrets) IssuerNamesFor(secretName resources.ObjectName) resources.ObjectNameSet

IssuerNamesFor finds issuers for given secret name.

func (*ReferencedSecrets) RememberIssuerSecret

func (rs *ReferencedSecrets) RememberIssuerSecret(issuerName resources.ObjectName, secretRef *v1.SecretReference, hash string) bool

RememberIssuerSecret stores a secretRef for an issuer.

func (*ReferencedSecrets) RemoveIssuer

func (rs *ReferencedSecrets) RemoveIssuer(issuerName resources.ObjectName) bool

RemoveIssuer removes all secretRefs for an issuer.

type Support

type Support struct {
	// contains filtered or unexported fields
}

Support provides common issuer/credentials functionality.

func (*Support) AddCertificate

func (s *Support) AddCertificate(logger logger.LogContext, cert *api.Certificate)

AddCertificate adds a certificate

func (*Support) CalcSecretHash

func (s *Support) CalcSecretHash(secret *corev1.Secret) string

CalcSecretHash calculates the secret hash

func (*Support) CertificateNamesForIssuer

func (s *Support) CertificateNamesForIssuer(issuer resources.ObjectName) []resources.ObjectName

CertificateNamesForIssuer returns the certificate names for an issuer

func (*Support) DefaultIssuerDomainRanges

func (s *Support) DefaultIssuerDomainRanges() []string

DefaultIssuerDomainRanges returns the default issuer domain ranges.

func (*Support) DefaultIssuerName

func (s *Support) DefaultIssuerName() string

DefaultIssuerName returns the default issuer name

func (*Support) EnqueueKey

func (s *Support) EnqueueKey(key resources.ClusterObjectKey) error

EnqueueKey forwards to an enqueuer

func (*Support) Failed

func (s *Support) Failed(logger logger.LogContext, obj resources.Object, state string, itype *string, err error) reconcile.Status

Failed handles failed.

func (*Support) GetDefaultClusterID added in v0.2.10

func (s *Support) GetDefaultClusterID() string

GetDefaultClusterID returns the cluster id of the default cluster

func (*Support) GetIssuerResources

func (s *Support) GetIssuerResources() resources.Interface

GetIssuerResources returns the resources for issuer.

func (*Support) GetIssuerSecretHash

func (s *Support) GetIssuerSecretHash(issuer resources.ObjectName) string

GetIssuerSecretHash returns the issuer secret hash code

func (*Support) GetIssuerSecretResources

func (s *Support) GetIssuerSecretResources() resources.Interface

GetIssuerSecretResources returns the resources for issuer secrets.

func (*Support) IssuerNamesForSecret

func (s *Support) IssuerNamesForSecret(secretName resources.ObjectName) resources.ObjectNameSet

IssuerNamesForSecret returns issuer names for a secret name

func (*Support) IssuerNamespace

func (s *Support) IssuerNamespace() string

IssuerNamespace returns the issuer namespace

func (*Support) ReadIssuerSecret

func (s *Support) ReadIssuerSecret(ref *corev1.SecretReference) (*corev1.Secret, error)

ReadIssuerSecret reads a issuer secret

func (*Support) RememberIssuerQuotas added in v0.2.16

func (s *Support) RememberIssuerQuotas(issuer resources.ObjectName, issuerRequestsPerDay *int) int

RememberIssuerQuotas stores the issuer quotas.

func (*Support) RememberIssuerSecret

func (s *Support) RememberIssuerSecret(issuer resources.ObjectName, secretRef *corev1.SecretReference, hash string)

RememberIssuerSecret stores issuer secret ref pair.

func (*Support) RemoveCertificate

func (s *Support) RemoveCertificate(logger logger.LogContext, certObjName resources.ObjectName)

RemoveCertificate removes a certificate

func (*Support) RemoveIssuer

func (s *Support) RemoveIssuer(name resources.ObjectName) bool

RemoveIssuer removes an issuer

func (*Support) SucceededAndTriggerCertificates

func (s *Support) SucceededAndTriggerCertificates(logger logger.LogContext, obj resources.Object, itype *string, regRaw []byte) reconcile.Status

SucceededAndTriggerCertificates handles succeeded and trigger certificates.

func (*Support) TryAcceptCertificateRequest added in v0.2.16

func (s *Support) TryAcceptCertificateRequest(issuer resources.ObjectName) (bool, int)

TryAcceptCertificateRequest tries to accept a certificate request according to the quotas. Return true if accepted and the requests per days quota value

func (*Support) UpdateIssuerSecret

func (s *Support) UpdateIssuerSecret(issuer metav1.ObjectMeta, reguser *legobridge.RegistrationUser,
	secret *corev1.Secret) error

UpdateIssuerSecret updates an issuer secret

func (*Support) WriteIssuerSecretFromRegistrationUser

func (s *Support) WriteIssuerSecretFromRegistrationUser(issuer metav1.ObjectMeta, reguser *legobridge.RegistrationUser,
	secretRef *corev1.SecretReference) (*corev1.SecretReference, *corev1.Secret, error)

WriteIssuerSecretFromRegistrationUser writes an issuer secret

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL