v1

package
v1.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 29, 2023 License: MIT Imports: 5 Imported by: 0

Documentation

Overview

Package v1 contains API Schema definitions for the certwatch v1 API group +kubebuilder:object:generate=true +groupName=certwatch.morimoto.net.br

Index

Constants

This section is empty.

Variables

View Source 
var (
	// GroupVersion is group version used to register these objects
	GroupVersion = schema.GroupVersion{Group: "certwatch.morimoto.net.br", Version: "v1"}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)

Functions

This section is empty.

Types

type CertWatchActionEmail 

type CertWatchActionEmail struct {
	// ConfigFile is the configuration file with information about the email server
	// to use
	ConfigFile string `json:"configFile,omitempty"`

	// From is the header that identifies the sender of the e-mail. If not specified
	// here, the value must be specified in configuration file.
	From string `json:"from,omitempty"`

	// To is the header that identifies the recipients of the e-mail. A comma
	// separated list of e-mail addresses.
	To string `json:"to"`

	// Cc is the header that identifies carbon copy receivers of the e-mail. A comma
	// separated list of e-mail addresses.
	Cc string `json:"cc,omitempty"`

	// Bcc is the header that identifies blind carbon copy receivers of the e-mail. A
	// comma separated list of e-mail addresses.
	Bcc string `json:"bcc,omitempty"`

	// Subject is the header that informs the subject of the e-mail.
	Subject string `json:"subject,omitempty"`

	// BodyTemplate is the full contents of the e-mail body to send.
	BodyTemplate string `json:"bodyTemplate,omitempty"`

	// BodyContentType is the header that identifies the type of content the e-mail
	// will have: text/plain or text/html
	BodyContentType string `json:"bodyContentType,omitempty"`

	// Attachments is the list of attachments to send with the e-mail. Paths are
	// relative to a temporary workspace directory where different versions of the
	// certificate files are saved before sending the email. Files will be available
	// in popular formats, like PEM and PKCS#12, zipped and unzipped.
	Attachments []string `json:"attachments,omitempty"`
}

CertWatchActionEmail is used to send certificate files via e-mail. Before sending, both private and public keys are saved into a temporary workspace directory and converted to various popular formats that can be used as attachments, such as PEM and PKCS#12. All files are also zipped to give users the option to send zipped files, instead of the raw certificates. There will be one zip file for each individual certificate format and another with all of them together. Zip files can also be password protected. All these options are provided to give user multiple options. Quite often, e-mail recipients have anti-virus software that scans incoming mail and blocks certain file extensions (scripts and certificates included). To overcome these restrictions, cert-watch users have the option to send a password-protected zip file. This password is assumed to be shared secret between sender and receiver and is not managed by cert-watch.

func (*CertWatchActionEmail) DeepCopy 

func (in *CertWatchActionEmail) DeepCopy() *CertWatchActionEmail

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertWatchActionEmail.

func (*CertWatchActionEmail) DeepCopyInto 

func (in *CertWatchActionEmail) DeepCopyInto(out *CertWatchActionEmail)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CertWatchActionJob 

type CertWatchActionJob struct {
	// Name identifies the job that will be executed.
	Name string `json:"name"`

	// VolumeName controls the name of the volume that will be created to mount
	// certificate files into the Job's containers. Defaults to "certs".
	VolumeName string `json:"volumeName,omitempty"`

	// MountPath controls the mountPath used in the volume created to mount
	// certificate files into the Job's containers. Defaults to "/workspace".
	MountPath string `json:"mountPath,omitempty"`

	// Spec is a standard Kubernetes job spec.
	Spec v1.JobSpec `json:"spec"`
}

CertWatchActionJob is used to perform actions upon certificate change by running a Kubernetes Job. The job spec follows the same declaration from the batch/v1 api. https://kubernetes.io/docs/concepts/workloads/controllers/job/

func (*CertWatchActionJob) DeepCopy 

func (in *CertWatchActionJob) DeepCopy() *CertWatchActionJob

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertWatchActionJob.

func (*CertWatchActionJob) DeepCopyInto 

func (in *CertWatchActionJob) DeepCopyInto(out *CertWatchActionJob)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CertWatchActionScp 

type CertWatchActionScp struct {
	// Hostname is the remote hostname to connect to.
	Hostname string `json:"hostname"`

	// Port number to connect to. Defaults to 22.
	Port int `json:"port,omitempty"`

	// CredentialSecret is the name of the Secret containing credentials to authenticate. Depending on
	// AuthType, it may contain username, password, key or passphrase values.
	// The reference to the Secret should be in the form namespace/secret-name.
	CredentialSecret string `json:"credentialSecret"`

	// AuthType is the authentication type to use: password|key. Defaults to `password`.
	AuthType string `json:"authType,omitempty"`

	// Files is the list of files to copy. Filenames are relative to a temporary
	// workspace where certificates are stored while they are being processed. After
	// processing, this temporary directory and all its files are removed.
	Files []CertWatchScpFile `json:"files"`
}

CertWatchActionScp is used to send certificate files via SCP (ssh copy). Authentication credentials are recovered from a given Secret name. Authentication type (AuthType) can be either `password` (for username and password) or `key` for SSH keys.

func (*CertWatchActionScp) DeepCopy 

func (in *CertWatchActionScp) DeepCopy() *CertWatchActionScp

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertWatchActionScp.

func (*CertWatchActionScp) DeepCopyInto 

func (in *CertWatchActionScp) DeepCopyInto(out *CertWatchActionScp)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CertWatchScpFile 

type CertWatchScpFile struct {
	// Name is the name of the local certificate file. Filenames are relative to the
	// temporary workspace directory.
	Name string `json:"name"`

	// RemotePath is the full directory path in the remote host where the certificate
	// will be copied to.
	RemotePath string `json:"remotePath"`

	// Mode is the file mode the file on the remote host will have. A string in
	// numeric form, such as 0644.
	Mode string `json:"mode,omitempty"`
}

CertWatchScpFile represents a file that must be copied to a remote location using the CertWatchActionScp action. Mode defaults to 0600.

func (*CertWatchScpFile) DeepCopy 

func (in *CertWatchScpFile) DeepCopy() *CertWatchScpFile

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertWatchScpFile.

func (*CertWatchScpFile) DeepCopyInto 

func (in *CertWatchScpFile) DeepCopyInto(out *CertWatchScpFile)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CertWatcher 

type CertWatcher struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   CertWatcherSpec   `json:"spec,omitempty"`
	Status CertWatcherStatus `json:"status,omitempty"`
}

CertWatcher is the Schema for the certwatchers API +kubebuilder:printcolumn:name="SECRET_NS",type=string,JSONPath=`.spec.secret.namespace` +kubebuilder:printcolumn:name="SECRET_NAME",type=string,JSONPath=`.spec.secret.name` +kubebuilder:printcolumn:name="STATUS",type=string,JSONPath=`.status.status` +kubebuilder:printcolumn:name="ACTION_STATUS",type=string,JSONPath=`.status.actionStatus` +kubebuilder:printcolumn:name="LAST_UPDATE",type=string,JSONPath=`.status.lastUpdate` +kubebuilder:printcolumn:name="LAST_CHECKSUM",type=string,JSONPath=`.status.lastChecksum` +kubebuilder:printcolumn:name="MESSAGE",type=string,JSONPath=`.status.message`

func (*CertWatcher) DeepCopy 

func (in *CertWatcher) DeepCopy() *CertWatcher

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertWatcher.

func (*CertWatcher) DeepCopyInto 

func (in *CertWatcher) DeepCopyInto(out *CertWatcher)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CertWatcher) DeepCopyObject 

func (in *CertWatcher) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CertWatcherAction 

type CertWatcherAction struct {
	// Dummy action used for testing and debugging.
	Echo *CertWatcherActionEcho `json:"echo,omitempty"`

	// React to Secret change by sending e-mails.
	Email *CertWatchActionEmail `json:"email,omitempty"`

	// React to Secret change by copying files to a remote host via SCP (ssh).
	Scp *CertWatchActionScp `json:"scp,omitempty"`

	// React to Secret change by running a custom Kubernetes Job. Follow the same spec from batch/v1 API.
	Job *CertWatchActionJob `json:"job,omitempty"`
}

CertWatcherAction represents one or more actions that will be performed when a Secret change is identified.

func (*CertWatcherAction) DeepCopy 

func (in *CertWatcherAction) DeepCopy() *CertWatcherAction

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertWatcherAction.

func (*CertWatcherAction) DeepCopyInto 

func (in *CertWatcherAction) DeepCopyInto(out *CertWatcherAction)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CertWatcherActionEcho 

type CertWatcherActionEcho struct {
}

CertWatcherActionEcho Dummy action that simply generates an Event informing the Secret change. Does not perform any useful action and is mostly used for testing and debugging.

func (*CertWatcherActionEcho) DeepCopy 

func (in *CertWatcherActionEcho) DeepCopy() *CertWatcherActionEcho

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertWatcherActionEcho.

func (*CertWatcherActionEcho) DeepCopyInto 

func (in *CertWatcherActionEcho) DeepCopyInto(out *CertWatcherActionEcho)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CertWatcherList 

type CertWatcherList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []CertWatcher `json:"items"`
}

CertWatcherList contains a list of CertWatcher

func (*CertWatcherList) DeepCopy 

func (in *CertWatcherList) DeepCopy() *CertWatcherList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertWatcherList.

func (*CertWatcherList) DeepCopyInto 

func (in *CertWatcherList) DeepCopyInto(out *CertWatcherList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CertWatcherList) DeepCopyObject 

func (in *CertWatcherList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CertWatcherSecret 

type CertWatcherSecret struct {
	// Name of the Secret watched by CertWatcher
	Name string `json:"name"`

	// Namespace of the Secret watched by CertWatcher.
	Namespace string `json:"namespace"`
}

func (*CertWatcherSecret) DeepCopy 

func (in *CertWatcherSecret) DeepCopy() *CertWatcherSecret

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertWatcherSecret.

func (*CertWatcherSecret) DeepCopyInto 

func (in *CertWatcherSecret) DeepCopyInto(out *CertWatcherSecret)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CertWatcherSpec 

type CertWatcherSpec struct {

	// Secret watched by CertWatcher
	Secret CertWatcherSecret `json:"secret"`

	// ZipFilesPassword is the password that should be used to zip certificate files.
	// Zipped versions of each certificates are kept along with the raw files. If
	// this values is empty, zip files will no tbe protected with any password.
	ZipFilesPassword string `json:"zipFilesPassword,omitempty"`

	// Pkcs12Password is the password that should be used in the PKCS#12 envelope. If
	// empty, p12 certificate files will not be protected by any password.
	Pkcs12Password string `json:"pkcs12Password,omitempty"`

	// FilenamesPrefix is the prefix that should be used in the exported certificate
	// filenames. If empty, defaults to "tls", so files will be created in the
	// temporary workspace directory as tls.key, tls.crt, tls.p12, etc...
	FilenamesPrefix string `json:"filenamesPrefix,omitempty"`

	// Actions that should be performed when the watched Secret changes.
	Actions CertWatcherAction `json:"actions,omitempty"`
}

CertWatcherSpec defines the desired state of CertWatcher

func (*CertWatcherSpec) DeepCopy 

func (in *CertWatcherSpec) DeepCopy() *CertWatcherSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertWatcherSpec.

func (*CertWatcherSpec) DeepCopyInto 

func (in *CertWatcherSpec) DeepCopyInto(out *CertWatcherSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CertWatcherStatus 

type CertWatcherStatus struct {
	Status       string      `json:"status,omitempty"`
	LastUpdate   metav1.Time `json:"lastUpdate,omitempty"`
	LastChecksum string      `json:"lastChecksum,omitempty"`
	ActionStatus string      `json:"actionStatus,omitempty"`
	Message      string      `json:"message,omitempty"`
}

CertWatcherStatus defines the observed state of CertWatcher

func (*CertWatcherStatus) DeepCopy 

func (in *CertWatcherStatus) DeepCopy() *CertWatcherStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertWatcherStatus.

func (*CertWatcherStatus) DeepCopyInto 

func (in *CertWatcherStatus) DeepCopyInto(out *CertWatcherStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.