cainjector

package
v0.15.0-alpha.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 22, 2020 License: Apache-2.0 Imports: 21 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	MutatingWebhookSetup = injectorSetup{
							// contains filtered or unexported fields
	}

	ValidatingWebhookSetup = injectorSetup{
							// contains filtered or unexported fields
	}

	APIServiceSetup = injectorSetup{
					// contains filtered or unexported fields
	}

	CRDSetup = injectorSetup{
				// contains filtered or unexported fields
	}

	AuditSinkSetup = injectorSetup{
					// contains filtered or unexported fields
	}

	ControllerNames []string
)

Functions

func OwningCertForSecret

func OwningCertForSecret(secret *corev1.Secret) *types.NamespacedName

OwningCertForSecret gets the name of the owning certificate for a given secret, returning nil if no such object exists. Right now, this actually uses a label instead of owner refs, since certmanager doesn't set owner refs on secrets.

func Register

func Register(mgr ctrl.Manager, setup injectorSetup, sources ...caDataSource) error

Register registers an injection controller with the given manager, and adds relevant indicies.

func RegisterCertificateBased added in v0.10.0

func RegisterCertificateBased(mgr ctrl.Manager) error

RegisterCertificateBased registers all known injection controllers that target Certificate resources with the given manager, and adds relevant indices. The registered controllers require the cert-manager API to be available in order to run.

func RegisterSecretBased added in v0.10.0

func RegisterSecretBased(mgr ctrl.Manager) error

RegisterSecretBased registers all known injection controllers that target Secret resources with the given manager, and adds relevant indices. The registered controllers only require the corev1 APi to be available in order to run.

Types

type CertInjector

type CertInjector interface {
	// NewTarget creates a new InjectTarget containing an empty underlying object.
	NewTarget() InjectTarget
	// IsAlpha tells the client to disregard "no matching kind" type of errors
	IsAlpha() bool
}

CertInjector knows how to create an instance of an InjectTarget for some particular type of inject target. For instance, an implementation might create a InjectTarget containing an empty MutatingWebhookConfiguration. The underlying API object can be populated (via AsObject) using client.Client#Get, and then CAs can be injected with Injectables (representing the various individual webhooks in the config) retrieved with Services.

type InjectTarget

type InjectTarget interface {
	// AsObject returns this injectable as an object.
	// It should be a pointer suitable for mutation.
	AsObject() runtime.Object

	// SetCA sets the CA of this target to the given certificate data (in the standard
	// PEM format used across Kubernetes).  In cases where multiple CA fields exist per
	// target (like admission webhook configs), all CAs are set to the given value.
	SetCA(data []byte)
}

InjectTarget is a Kubernetes API object that has one or more references to Kubernetes Services with corresponding fields for CA bundles.

type Injectable

type Injectable interface {
}

Injectable is a point in a Kubernetes API object that represents a Kubernetes Service reference with a corresponding spot for a CA bundle.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL