certificates

package
v1.76.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 11, 2023 License: Apache-2.0, BSD-2-Clause, MIT, + 1 more Imports: 25 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

View Source
var DefaultSyncPeriod = 5 * time.Minute

DefaultSyncPeriod is the default sync period for the certificate reconciler and reloader.

Functions

func AddCertificateManagementToManager

func AddCertificateManagementToManager(
	ctx context.Context,
	mgr manager.Manager,
	clock clock.Clock,
	sourceWebhookConfigs []client.Object,
	shootWebhookConfig *admissionregistrationv1.MutatingWebhookConfiguration,
	atomicShootWebhookConfig *atomic.Value,
	shootNamespaceSelector map[string]string,
	shootWebhookManagedResourceName string,
	componentName string,
	namespace string,
	mode string,
	url string,
) error

AddCertificateManagementToManager adds reconcilers to the given manager that manage the webhook certificates, namely - generate and auto-rotate the webhook CA and server cert using a secrets manager (in leader only) - fetch current webhook server cert and write it to disk for the webhook server to pick up (in all replicas)

func GenerateUnmanagedCertificates

func GenerateUnmanagedCertificates(providerName, certDir, mode, url string) ([]byte, error)

GenerateUnmanagedCertificates generates a one-off CA and server cert for a webhook server. The server certificate and key are written to certDir. This is useful for local development.

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL