bootstrap

package
v0.35.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 21, 2020 License: Apache-2.0, BSD-2-Clause, MIT, + 1 more Imports: 25 Imported by: 0

Documentation

Index

Constants

View Source
const GardenerSeedBootstrapper = "gardener.cloud:system:seed-bootstrapper"

GardenerSeedBootstrapper is a constant for the gardener seed bootstrapper name.

Variables

This section is empty.

Functions

func BuildBootstrapperName added in v0.35.0

func BuildBootstrapperName(name string) string

BuildBootstrapperName concatenates the gardener seed bootstrapper group with the given name, separated by a colon.

func DeleteBootstrapAuth added in v0.35.0

func DeleteBootstrapAuth(ctx context.Context, c client.Client, csrName, seedName string) error

DeleteBootstrapAuth checks which authentication mechanism was used to request a certificate (either a bootstrap token or a service account token was used). If the latter is true then it also deletes the corresponding ClusterRoleBinding.

func MarshalKubeconfigWithClientCertificate added in v0.35.0

func MarshalKubeconfigWithClientCertificate(config *rest.Config, privateKeyData, certDat []byte) ([]byte, error)

MarshalKubeconfigWithClientCertificate marshals the kubeconfig derived from the bootstrapping process.

func MarshalKubeconfigWithToken added in v0.35.0

func MarshalKubeconfigWithToken(config *rest.Config, token string) ([]byte, error)

MarshalKubeconfigWithToken marshals the kubeconfig derived with the given bootstrap token.

func RequestCertificate added in v0.35.0

func RequestCertificate(ctx context.Context, certificateClient certificatesv1beta1client.CertificateSigningRequestInterface, privateKeyData []byte, commonName string, organization []string) (certData []byte, csrName string, err error)

RequestCertificate will create a certificate signing request for a given organization and common name for the CSR will be set as expected for seed certificates) and send it to API server, then it will watch the object's status, once approved by API server, it will return the API server's issued certificate (pem-encoded). If there is any errors, or the watch timeouts, it will return an error.

func RequestSeedCertificate

func RequestSeedCertificate(ctx context.Context, certificateClient certificatesv1beta1client.CertificateSigningRequestInterface, privateKeyData []byte, seedName string) (certData []byte, csrName string, err error)

RequestSeedCertificate will create a certificate signing request for a seed (Organization and CommonName for the CSR will be set as expected for seed certificates) and send it to API server, then it will watch the object's status, once approved by API server, it will return the API server's issued certificate (pem-encoded). If there is any errors, or the watch timeouts, it will return an error. This is intended for use on seeds (gardenlet).

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL