Documentation ¶
Overview ¶
Package cleaner implements an automated cleaner that does garbage collection on CSRs that meet specific criteria. With automated CSR requests and automated approvals, the volume of CSRs only increases over time, at a rapid rate if the certificate duration is short.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CSRCleanerController ¶
type CSRCleanerController struct {
// contains filtered or unexported fields
}
CSRCleanerController is a controller that garbage collects old certificate signing requests (CSRs). Since there are mechanisms that automatically create CSRs, and mechanisms that automatically approve CSRs, in order to prevent a build up of CSRs over time, it is necessary to GC them. CSRs will be removed if they meet one of the following criteria: the CSR is Approved with a certificate and is old enough to be past the GC issued deadline, the CSR is denied and is old enough to be past the GC denied deadline, the CSR is Pending and is old enough to be past the GC pending deadline, the CSR is approved with a certificate and the certificate is expired.
func NewCSRCleanerController ¶
func NewCSRCleanerController( csrClient csrclient.CertificateSigningRequestInterface, csrInformer certificatesinformers.CertificateSigningRequestInformer, ) *CSRCleanerController
NewCSRCleanerController creates a new CSRCleanerController.
func (*CSRCleanerController) Run ¶
func (ccc *CSRCleanerController) Run(workers int, stopCh <-chan struct{})
Run the main goroutine responsible for watching and syncing jobs.