Documentation ¶
Overview ¶
Package v1alpha1 is the v1alpha1 version of the API.
+groupName=webhook.acme.cert-manager.io
Constants ¶
This section is empty.
Variables ¶
var (
    SchemeBuilder runtime.SchemeBuilder
    AddToScheme   = localSchemeBuilder.AddToScheme
)
var SchemeGroupVersion = schema.GroupVersion{Group: acme.GroupName, Version: "v1alpha1"}
SchemeGroupVersion is the group version used to register these objects.
Functions ¶
func Resource ¶
func Resource(resource string) schema.GroupResource
Resource takes an unqualified resource and returns a group-qualified GroupResource.
Types ¶
type ChallengeAction ¶
type ChallengeAction string
const (
    ChallengeActionPresent ChallengeAction = "Present"
    ChallengeActionCleanUp ChallengeAction = "CleanUp"
)
type ChallengePayload ¶
type ChallengePayload struct {
    metav1.TypeMeta `json:",inline"`

    // Request describes the attributes for the ACME solver request
    // +optional
    Request *ChallengeRequest `json:"request,omitempty"`

    // Response describes the attributes for the ACME solver response
    // +optional
    Response *ChallengeResponse `json:"response,omitempty"`
}
ChallengePayload describes a request/response for presenting or cleaning up an ACME challenge resource
func (*ChallengePayload) DeepCopy ¶
func (in *ChallengePayload) DeepCopy() *ChallengePayload
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ChallengePayload.
func (*ChallengePayload) DeepCopyInto ¶
func (in *ChallengePayload) DeepCopyInto(out *ChallengePayload)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ChallengePayload) DeepCopyObject ¶
func (in *ChallengePayload) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type ChallengeRequest ¶
type ChallengeRequest struct {
    // UID is an identifier for the individual request/response. It allows us to distinguish instances of requests which are
    // otherwise identical (parallel requests, requests when earlier requests did not modify etc)
    // The UID is meant to track the round trip (request/response) between the KAS and the WebHook, not the user request.
    // It is suitable for correlating log entries between the webhook and apiserver, for either auditing or debugging.
    UID types.UID `json:"uid"`

    // Action is one of 'present' or 'cleanup'.
    // If the action is 'present', the record will be presented with the
    // solving service.
    // If the action is 'cleanup', the record will be cleaned up with the
    // solving service.
    Action ChallengeAction `json:"action"`

    // Type is the type of ACME challenge.
    // Only dns-01 is currently supported.
    Type string `json:"type"`

    // DNSName is the name of the domain that is actually being validated, as
    // requested by the user on the Certificate resource.
    // This will be of the form 'example.com' from normal hostnames, and
    // '*.example.com' for wildcards.
    DNSName string `json:"dnsName"`

    // Key is the key that should be presented.
    // This key will already be signed by the account that owns the challenge.
    // For DNS01, this is the key that should be set for the TXT record for
    // ResolveFQDN.
    Key string `json:"key"`

    // ResourceNamespace is the namespace containing resources that are
    // referenced in the providers config.
    // If this request is solving for an Issuer resource, this will be the
    // namespace of the Issuer.
    // If this request is solving for a ClusterIssuer resource, this will be
    // the configured 'cluster resource namespace'
    ResourceNamespace string `json:"resourceNamespace"`

    // ResolvedFQDN is the fully-qualified domain name that should be
    // updated/presented after resolving all CNAMEs.
    // This should be honoured when using the DNS01 solver type.
    // This will be of the form '_acme-challenge.example.com.'.
    // +optional
    ResolvedFQDN string `json:"resolvedFQDN,omitempty"`

    // ResolvedZone is the zone encompassing the ResolvedFQDN.
    // This is included as part of the ChallengeRequest so that webhook
    // implementers do not need to implement their own SOA recursion logic.
    // This indicates the zone that the provided FQDN is encompassed within,
    // determined by performing SOA record queries for each part of the FQDN
    // until an authoritative zone is found.
    // This will be of the form 'example.com.'.
    ResolvedZone string `json:"resolvedZone,omitempty"`

    // AllowAmbientCredentials advises webhook implementations that they can
    // use 'ambient credentials' for authenticating with their respective
    // DNS provider services.
    // This field SHOULD be honoured by all DNS webhook implementations, but
    // in certain instances where it does not make sense to honour this option,
    // an implementation may ignore it.
    AllowAmbientCredentials bool `json:"allowAmbientCredentials"`

    // Config contains unstructured JSON configuration data that the webhook
    // implementation can unmarshal in order to fetch secrets or configure
    // connection details etc.
    // Secret values should not be passed in this field, in favour of
    // references to Kubernetes Secret resources that the webhook can fetch.
    // +optional
    Config *apiext.JSON `json:"config,omitempty"`
}
ChallengeRequest is a payload that can be sent to external ACME webhook solvers in order to 'Present' or 'CleanUp' a challenge with an ACME server.
func (*ChallengeRequest) DeepCopy ¶
func (in *ChallengeRequest) DeepCopy() *ChallengeRequest
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ChallengeRequest.
func (*ChallengeRequest) DeepCopyInto ¶
func (in *ChallengeRequest) DeepCopyInto(out *ChallengeRequest)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ChallengeResponse ¶
type ChallengeResponse struct {
    // UID is an identifier for the individual request/response.
    // This should be copied over from the corresponding ChallengeRequest.
    UID types.UID `json:"uid"`

    // Success will be set to true if the request action (i.e. presenting or
    // cleaning up) was successful.
    Success bool `json:"success"`

    // Result contains extra details into why a challenge request failed.
    // This field will be completely ignored if 'success' is true.
    // +optional
    Result *metav1.Status `json:"status,omitempty"`
}
func (*ChallengeResponse) DeepCopy ¶
func (in *ChallengeResponse) DeepCopy() *ChallengeResponse
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ChallengeResponse.
func (*ChallengeResponse) DeepCopyInto ¶
func (in *ChallengeResponse) DeepCopyInto(out *ChallengeResponse)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
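The field comments on ChallengeRequest and ChallengeResponse imply checks a webhook solver should make before it touches DNS. The sketch below is an added example, not cert-manager code: `Request`, `Response` and `Status` are local mirrors of the types above so it builds without the module, and `solverConfig`, its `apiKeySecretRef` key and `Check` are hypothetical names.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Local mirrors of this page's v1alpha1 types (same JSON tags); Status stands in for metav1.Status.
type Status struct{ Message string `json:"message"` }
type Request struct {
	UID                     string          `json:"uid"`
	Action                  string          `json:"action"`
	Type                    string          `json:"type"`
	ResolvedFQDN            string          `json:"resolvedFQDN,omitempty"`
	ResolvedZone            string          `json:"resolvedZone,omitempty"`
	AllowAmbientCredentials bool            `json:"allowAmbientCredentials"`
	Config                  json.RawMessage `json:"config,omitempty"`
}
type Response struct {
	UID     string  `json:"uid"`
	Success bool    `json:"success"`
	Result  *Status `json:"status,omitempty"`
}

// solverConfig is hypothetical: it names a Secret to fetch and never holds a secret value.
type solverConfig struct{ APIKeySecretRef string `json:"apiKeySecretRef"` }

// Check vets a request before any DNS change; every Response echoes the request UID.
func Check(r Request) Response {
	fail := func(m string) Response { return Response{UID: r.UID, Result: &Status{Message: m}} }
	var cfg solverConfig
	if len(r.Config) > 0 && json.Unmarshal(r.Config, &cfg) != nil {
		return fail("config is not valid JSON")
	}
	inZone := r.ResolvedFQDN == r.ResolvedZone || strings.HasSuffix(r.ResolvedFQDN, "."+r.ResolvedZone)
	switch {
	case r.Type != "dns-01" || (r.Action != "Present" && r.Action != "CleanUp"):
		return fail("unsupported challenge type or action")
	case !strings.HasSuffix(r.ResolvedZone, ".") || !inZone:
		return fail("resolvedFQDN is not inside resolvedZone")
	case cfg.APIKeySecretRef == "" && !r.AllowAmbientCredentials:
		return fail("no secret reference and ambient credentials not allowed")
	}
	return Response{UID: r.UID, Success: true}
}

func main() { // constructed request with no zone: prints the rejection reason
	fmt.Println(Check(Request{UID: "constructed-uid", Type: "dns-01", Action: "Present"}).Result.Message)
}
```

The zone check compares whole DNS labels by requiring a leading dot, so a name such as `_acme-challenge.notexample.com.` is not accepted for zone `example.com.`.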