options

package
v0.14.0-alpha.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 5, 2020 License: Apache-2.0 Imports: 19 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ControllerOptions 

type ControllerOptions struct {
	APIServerHost            string
	Kubeconfig               string
	ClusterResourceNamespace string
	Namespace                string

	LeaderElect                 bool
	LeaderElectionNamespace     string
	LeaderElectionLeaseDuration time.Duration
	LeaderElectionRenewDeadline time.Duration
	LeaderElectionRetryPeriod   time.Duration

	EnabledControllers []string

	ACMEHTTP01SolverImage                 string
	ACMEHTTP01SolverResourceRequestCPU    string
	ACMEHTTP01SolverResourceRequestMemory string
	ACMEHTTP01SolverResourceLimitsCPU     string
	ACMEHTTP01SolverResourceLimitsMemory  string

	ClusterIssuerAmbientCredentials bool
	IssuerAmbientCredentials        bool
	RenewBeforeExpiryDuration       time.Duration

	// Default issuer/certificates details consumed by ingress-shim
	DefaultIssuerName                 string
	DefaultIssuerKind                 string
	DefaultIssuerGroup                string
	DefaultAutoCertificateAnnotations []string

	// Allows specifying a list of custom nameservers to perform DNS checks on.
	DNS01RecursiveNameservers []string
	// Allows controlling if recursive nameservers are only used for all checks.
	// Normally authoritative nameservers are used for checking propagation.
	DNS01RecursiveNameserversOnly bool

	EnableCertificateOwnerRef bool

	MaxConcurrentChallenges int

	// Namespace is the namespace the webhook CA and serving secret will be
	// created in.
	// If not specified, it will default to the same namespace as cert-manager.
	WebhookNamespace string

	// CASecretName is the name of the secret containing the webhook's root CA
	WebhookCASecretName string

	// ServingSecretName is the name of the secret containing the webhook's
	// serving certificate
	WebhookServingSecretName string

	// DNSNames are the dns names that should be set on the serving certificate
	WebhookDNSNames []string

	// ExperimentalIssuePKCS12, if true, will make the certificates controller
	// create a `keystore.p12` in the Secret resource for each Certificate.
	// This can only be toggled globally, and the keystore will be encrypted
	// with the supplied ExperimentalPKCS12KeystorePassword.
	// This flag is likely to be removed in future in favour of native PKCS12
	// keystore bundle support.
	ExperimentalIssuePKCS12 bool
	// ExperimentalPKCS12KeystorePassword is the password used to encrypt and
	// decrypt PKCS#12 bundles stored in Secret resources.
	// This option only has any affect is ExperimentalIssuePKCS12 is true.
	ExperimentalPKCS12KeystorePassword string

	// ExperimentalIssueJKS, if true, will make the certificates controller
	// create a `keystore.jks` in the Secret resource for each Certificate.
	// This can only be toggled globally, and the keystore will be encrypted
	// with the supplied ExperimentalJKSPassword.
	// This flag is likely to be removed in future in favour of native JKS
	// keystore bundle support.
	ExperimentalIssueJKS bool
	// ExperimentalJKSPassword is the password used to encrypt and
	// decrypt JKS bundles stored in Secret resources.
	// This option only has any affect is ExperimentalIssueJKS is true.
	ExperimentalJKSPassword string
}

func NewControllerOptions 

func NewControllerOptions() *ControllerOptions

func (*ControllerOptions) AddFlags 

func (s *ControllerOptions) AddFlags(fs *pflag.FlagSet)

func (*ControllerOptions) Validate 

func (o *ControllerOptions) Validate() error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.