manager

package
v1.70.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 9, 2023 License: Apache-2.0, BSD-2-Clause, MIT, + 1 more Imports: 11 Imported by: 21

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GenerateAllSecrets

func GenerateAllSecrets(ctx context.Context, sm secretsmanager.Interface, secretConfigs []SecretConfigWithOptions) (map[string]*corev1.Secret, error)

GenerateAllSecrets takes care of generating all secret configs with the given SecretsManager (first CA configs, then the rest).

func SecretsManagerForCluster

func SecretsManagerForCluster(ctx context.Context, logger logr.Logger, clock clock.Clock, c client.Client, cluster *extensionscontroller.Cluster, identity string, secretConfigs []SecretConfigWithOptions) (secretsmanager.Interface, error)

SecretsManagerForCluster initializes a new SecretsManager for the given Cluster. It takes care about rotating CAs among the given secretConfigs in lockstep with all other shoot cluster CAs. It basically makes sure your extension fulfills the requirements for shoot CA rotation when managing secrets with this SecretsManager. I.e., it - initiates rotation of CAs according to cluster.shoot.status.credentials.rotation.certificateAuthorities.lastInitiationTime - keeps old CA secrets during CA rotation - removes old CA secrets on Cleanup() if cluster.shoot.status.credentials.rotation.certificateAuthorities.phase == Completing

Types

type SecretConfigWithOptions

type SecretConfigWithOptions struct {
	// Config contains the secret config to generate.
	Config secretsutils.ConfigInterface
	// Options contains options for generating Config.
	Options []secretsmanager.GenerateOption
}

SecretConfigWithOptions combines a secret config with options that should be used for generating it.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL