service

package
v1.34.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 14, 2023 License: Apache-2.0, MIT Imports: 3 Imported by: 0

Documentation

Index

Constants

View Source
const GroupName = "service.cert.extensions.gardener.cloud"

GroupName is the group name use in this package

Variables

View Source
var (

	// AddToScheme is a pointer to SchemeBuilder.AddToScheme.
	AddToScheme = localSchemeBuilder.AddToScheme
)
View Source
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal}

SchemeGroupVersion is group version used to register these objects

Functions

func Resource

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group qualified GroupResource

Types

type ACMEExternalAccountBinding added in v1.11.0

type ACMEExternalAccountBinding struct {
	// keyID is the ID of the CA key that the External Account is bound to.
	KeyID string

	// KeySecretName is the secret name of the
	// Secret which holds the symmetric MAC key of the External Account Binding with data key 'hmacKey'.
	// The secret key stored in the Secret **must** be un-padded, base64 URL
	// encoded data.
	KeySecretName string
}

ACMEExternalAccountBinding is a reference to a CA external account of the ACME server.

func (*ACMEExternalAccountBinding) DeepCopy added in v1.11.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEExternalAccountBinding.

func (*ACMEExternalAccountBinding) DeepCopyInto added in v1.11.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CertConfig

type CertConfig struct {
	metav1.TypeMeta

	// Issuers is the configuration for certificate issuers.
	Issuers []IssuerConfig

	// DNSChallengeOnShoot controls where the DNS entries for DNS01 challenges are created.
	// If not specified the DNS01 challenges are written to the control plane namespace on the seed.
	DNSChallengeOnShoot *DNSChallengeOnShoot

	// ShootIssuers contains enablement for issuers on shoot cluster
	// If specified, it overwrites the ShootIssuers settings of the service configuration.
	ShootIssuers *ShootIssuers

	// PrecheckNameservers is used to specify a comma-separated list of DNS servers for checking availability for DNS
	// challenge before calling ACME CA. Please consider to specify nameservers per issuer instead.
	PrecheckNameservers *string
}

CertConfig configuration resource

func (*CertConfig) DeepCopy

func (in *CertConfig) DeepCopy() *CertConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertConfig.

func (*CertConfig) DeepCopyInto

func (in *CertConfig) DeepCopyInto(out *CertConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CertConfig) DeepCopyObject

func (in *CertConfig) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type DNSChallengeOnShoot added in v1.6.0

type DNSChallengeOnShoot struct {
	Enabled   bool
	Namespace string
	DNSClass  *string
}

DNSChallengeOnShoot is used to create DNS01 challenges on shoot and not on seed.

func (*DNSChallengeOnShoot) DeepCopy added in v1.6.0

func (in *DNSChallengeOnShoot) DeepCopy() *DNSChallengeOnShoot

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSChallengeOnShoot.

func (*DNSChallengeOnShoot) DeepCopyInto added in v1.6.0

func (in *DNSChallengeOnShoot) DeepCopyInto(out *DNSChallengeOnShoot)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type DNSSelection added in v1.11.0

type DNSSelection struct {
	// Include are domain names for which certificate requests are allowed (including any subdomains)
	Include []string
	// Exclude are domain names for which certificate requests are forbidden (including any subdomains)
	Exclude []string
}

DNSSelection is a restriction on the domains to be allowed or forbidden for certificate requests

func (*DNSSelection) DeepCopy added in v1.11.0

func (in *DNSSelection) DeepCopy() *DNSSelection

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSSelection.

func (*DNSSelection) DeepCopyInto added in v1.11.0

func (in *DNSSelection) DeepCopyInto(out *DNSSelection)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IssuerConfig

type IssuerConfig struct {
	Name   string
	Server string
	Email  string
	// RequestsPerDayQuota sets quota for certificate requests per day
	RequestsPerDayQuota *int

	// PrivateKeySecretName is the secret name for the ACME private key.
	// If not provided, a new private key is generated.
	PrivateKeySecretName *string

	// ACMEExternalAccountBinding is a reference to a CA external account of the ACME server.
	ExternalAccountBinding *ACMEExternalAccountBinding

	// SkipDNSChallengeValidation marks that this issuer does not validate DNS challenges.
	// In this case no DNS entries/records are created for a DNS Challenge and DNS propagation
	// is not checked.
	SkipDNSChallengeValidation *bool

	// Domains optionally specifies domains allowed or forbidden for certificate requests
	Domains *DNSSelection

	// PrecheckNameservers overwrites the default precheck nameservers used for checking DNS propagation.
	// Format `host` or `host:port`, e.g. "8.8.8.8" same as "8.8.8.8:53" or "google-public-dns-a.google.com:53".
	PrecheckNameservers []string
}

IssuerConfig contains information for certificate issuers.

func (*IssuerConfig) DeepCopy

func (in *IssuerConfig) DeepCopy() *IssuerConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IssuerConfig.

func (*IssuerConfig) DeepCopyInto

func (in *IssuerConfig) DeepCopyInto(out *IssuerConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ShootIssuers added in v1.14.0

type ShootIssuers struct {
	Enabled bool
}

ShootIssuers holds enablement for issuers on shoot cluster If specified, it overwrites the ShootIssuers settings of the service configuration.

func (*ShootIssuers) DeepCopy added in v1.14.0

func (in *ShootIssuers) DeepCopy() *ShootIssuers

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ShootIssuers.

func (*ShootIssuers) DeepCopyInto added in v1.14.0

func (in *ShootIssuers) DeepCopyInto(out *ShootIssuers)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Directories

Path Synopsis
Package v1alpha1 contains the Certificate Shoot Service extension.
Package v1alpha1 contains the Certificate Shoot Service extension.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL