Documentation ¶
Overview ¶
Package v1 contains API Schema definitions for the certwatch v1 API group.
+kubebuilder:object:generate=true
+groupName=certwatch.morimoto.net.br
Constants ¶
This section is empty.
Variables ¶
var (
	// GroupVersion is group version used to register these objects
	GroupVersion = schema.GroupVersion{Group: "certwatch.morimoto.net.br", Version: "v1"}
	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}
	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)
Functions ¶
This section is empty.
Types ¶
type CertWatchActionEmail ¶
type CertWatchActionEmail struct {
	// ConfigFile is the configuration file with information about the email server
	// to use
	ConfigFile string `json:"configFile,omitempty"`
	// From is the header that identifies the sender of the e-mail. If not specified
	// here, the value must be specified in configuration file.
	From string `json:"from,omitempty"`
	// To is the header that identifies the recipients of the e-mail. A comma
	// separated list of e-mail addresses.
	To string `json:"to"`
	// Cc is the header that identifies carbon copy receivers of the e-mail. A comma
	// separated list of e-mail addresses.
	Cc string `json:"cc,omitempty"`
	// Bcc is the header that identifies blind carbon copy receivers of the e-mail. A
	// comma separated list of e-mail addresses.
	Bcc string `json:"bcc,omitempty"`
	// Subject is the header that informs the subject of the e-mail.
	Subject string `json:"subject,omitempty"`
	// BodyTemplate is the full contents of the e-mail body to send.
	BodyTemplate string `json:"bodyTemplate,omitempty"`
	// BodyContentType is the header that identifies the type of content the e-mail
	// will have: text/plain or text/html
	BodyContentType string `json:"bodyContentType,omitempty"`
	// Attachments is the list of attachments to send with the e-mail. Paths are
	// relative to a temporary workspace directory where different versions of the
	// certificate files are saved before sending the email. Files will be available
	// in popular formats, like PEM and PKCS#12, zipped and unzipped.
	Attachments []string `json:"attachments,omitempty"`
}
CertWatchActionEmail is used to send certificate files via e-mail. Before sending, both private and public keys are saved into a temporary workspace directory and converted to various popular formats that can be used as attachments, such as PEM and PKCS#12. All files are also zipped, so users can send zip files instead of the raw certificates. There will be one zip file for each individual certificate format and another with all of them together. Zip files can also be password protected.
All these options are provided to give users a choice. Quite often, e-mail recipients have anti-virus software that scans incoming mail and blocks certain file extensions (scripts and certificates included). To overcome these restrictions, cert-watch users have the option to send a password-protected zip file. This password is assumed to be a shared secret between sender and receiver and is not managed by cert-watch.
func (*CertWatchActionEmail) DeepCopy ¶
func (in *CertWatchActionEmail) DeepCopy() *CertWatchActionEmail
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertWatchActionEmail.
func (*CertWatchActionEmail) DeepCopyInto ¶
func (in *CertWatchActionEmail) DeepCopyInto(out *CertWatchActionEmail)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CertWatchActionJob ¶
type CertWatchActionJob struct {
	// Name identifies the job that will be executed.
	Name string `json:"name"`
	// VolumeName controls the name of the volume that will be created to mount
	// certificate files into the Job's containers. Defaults to "certs".
	VolumeName string `json:"volumeName,omitempty"`
	// MountPath controls the mountPath used in the volume created to mount
	// certificate files into the Job's containers. Defaults to "/workspace".
	MountPath string `json:"mountPath,omitempty"`
	// Spec is a standard Kubernetes job spec.
	Spec v1.JobSpec `json:"spec"`
}
CertWatchActionJob is used to perform actions upon certificate change by running a Kubernetes Job. The job spec follows the same declaration as the batch/v1 API: https://kubernetes.io/docs/concepts/workloads/controllers/job/
func (*CertWatchActionJob) DeepCopy ¶
func (in *CertWatchActionJob) DeepCopy() *CertWatchActionJob
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertWatchActionJob.
func (*CertWatchActionJob) DeepCopyInto ¶
func (in *CertWatchActionJob) DeepCopyInto(out *CertWatchActionJob)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CertWatchActionScp ¶
type CertWatchActionScp struct {
	// Hostname is the remote hostname to connect to.
	Hostname string `json:"hostname"`
	// Port number to connect to. Defaults to 22.
	Port int `json:"port,omitempty"`
	// CredentialSecret is the name of the Secret containing credentials to
	// authenticate. Depending on AuthType, it may contain username, password, key
	// or passphrase values. The reference to the Secret should be in the form
	// namespace/secret-name.
	CredentialSecret string `json:"credentialSecret"`
	// AuthType is the authentication type to use: password|key. Defaults to `password`.
	AuthType string `json:"authType,omitempty"`
	// Files is the list of files to copy. Filenames are relative to a temporary
	// workspace where certificates are stored while they are being processed. After
	// processing, this temporary directory and all its files are removed.
	Files []CertWatchScpFile `json:"files"`
}
CertWatchActionScp is used to send certificate files via SCP (ssh copy). Authentication credentials are recovered from a given Secret name. Authentication type (AuthType) can be either `password` (for username and password) or `key` for SSH keys.
func (*CertWatchActionScp) DeepCopy ¶
func (in *CertWatchActionScp) DeepCopy() *CertWatchActionScp
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertWatchActionScp.
func (*CertWatchActionScp) DeepCopyInto ¶
func (in *CertWatchActionScp) DeepCopyInto(out *CertWatchActionScp)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CertWatchScpFile ¶
type CertWatchScpFile struct {
	// Name is the name of the local certificate file. Filenames are relative to the
	// temporary workspace directory.
	Name string `json:"name"`
	// RemotePath is the full directory path in the remote host where the certificate
	// will be copied to.
	RemotePath string `json:"remotePath"`
	// Mode is the file mode the file on the remote host will have. A string in
	// numeric form, such as 0644.
	Mode string `json:"mode,omitempty"`
}
CertWatchScpFile represents a file that must be copied to a remote location using the CertWatchActionScp action. Mode defaults to 0600.
func (*CertWatchScpFile) DeepCopy ¶
func (in *CertWatchScpFile) DeepCopy() *CertWatchScpFile
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertWatchScpFile.
func (*CertWatchScpFile) DeepCopyInto ¶
func (in *CertWatchScpFile) DeepCopyInto(out *CertWatchScpFile)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
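An added example (not cert-watch's own code) of checks that could be run over a CertWatchActionScp and its CertWatchScpFile entries before they are accepted. ValidateScp and the local ScpAction/ScpFile mirror types are hypothetical; the 0600 default, the password|key values and the namespace/secret-name form come from the field comments above, while treating .key and .p12 files as private-key material that must not be group- or world-readable is an assumption of this example.

```go
package main

import (
	"fmt"
	"path"
	"strconv"
	"strings"
)

// Local mirrors of the fields listed on this page, so no certwatch import is needed.
type ScpFile struct{ Name, RemotePath, Mode string }
type ScpAction struct {
	Hostname, CredentialSecret, AuthType string
	Files                                []ScpFile
}

// ValidateScp (hypothetical helper) fills in the default file mode and returns one finding per problem.
func ValidateScp(a *ScpAction) (out []string) {
	if a.AuthType != "" && a.AuthType != "password" && a.AuthType != "key" { // "" means password
		out = append(out, "authType must be password or key")
	}
	if p := strings.Split(a.CredentialSecret, "/"); len(p) != 2 || p[0] == "" || p[1] == "" {
		out = append(out, "credentialSecret must be namespace/secret-name")
	}
	for i := range a.Files {
		f := &a.Files[i]
		if f.Mode == "" {
			f.Mode = "0600" // documented default
		}
		// Names are relative to the workspace: reject absolute paths and "..".
		if c := path.Clean(f.Name); path.IsAbs(c) || c == ".." || strings.HasPrefix(c, "../") {
			out = append(out, f.Name+": escapes the workspace")
		}
		m, err := strconv.ParseUint(f.Mode, 8, 32)
		if err != nil || m > 0777 {
			out = append(out, f.Name+": mode is not an octal permission string")
		} else if e := path.Ext(f.Name); (e == ".key" || e == ".p12") && m&077 != 0 {
			out = append(out, f.Name+": private key readable by group or other")
		}
	}
	return out
}

func main() {
	// Constructed sample: traversal in the file name plus a world-readable key mode.
	a := &ScpAction{CredentialSecret: "infra/scp-creds", Files: []ScpFile{{Name: "../tls.key", Mode: "0644"}}}
	for _, s := range ValidateScp(a) {
		fmt.Println(s)
	}
}
```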
type CertWatcher ¶
type CertWatcher struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Spec   CertWatcherSpec   `json:"spec,omitempty"`
	Status CertWatcherStatus `json:"status,omitempty"`
}
CertWatcher is the Schema for the certwatchers API
+kubebuilder:printcolumn:name="SECRET_NS",type=string,JSONPath=`.spec.secret.namespace`
+kubebuilder:printcolumn:name="SECRET_NAME",type=string,JSONPath=`.spec.secret.name`
+kubebuilder:printcolumn:name="STATUS",type=string,JSONPath=`.status.status`
+kubebuilder:printcolumn:name="ACTION_STATUS",type=string,JSONPath=`.status.actionStatus`
+kubebuilder:printcolumn:name="LAST_UPDATE",type=string,JSONPath=`.status.lastUpdate`
+kubebuilder:printcolumn:name="LAST_CHECKSUM",type=string,JSONPath=`.status.lastChecksum`
+kubebuilder:printcolumn:name="MESSAGE",type=string,JSONPath=`.status.message`
func (*CertWatcher) DeepCopy ¶
func (in *CertWatcher) DeepCopy() *CertWatcher
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertWatcher.
func (*CertWatcher) DeepCopyInto ¶
func (in *CertWatcher) DeepCopyInto(out *CertWatcher)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CertWatcher) DeepCopyObject ¶
func (in *CertWatcher) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type CertWatcherAction ¶
type CertWatcherAction struct {
	// Dummy action used for testing and debugging.
	Echo *CertWatcherActionEcho `json:"echo,omitempty"`
	// React to Secret change by sending e-mails.
	Email *CertWatchActionEmail `json:"email,omitempty"`
	// React to Secret change by copying files to a remote host via SCP (ssh).
	Scp *CertWatchActionScp `json:"scp,omitempty"`
	// React to Secret change by running a custom Kubernetes Job. Follow the same spec from batch/v1 API.
	Job *CertWatchActionJob `json:"job,omitempty"`
}
CertWatcherAction represents one or more actions that will be performed when a Secret change is identified.
func (*CertWatcherAction) DeepCopy ¶
func (in *CertWatcherAction) DeepCopy() *CertWatcherAction
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertWatcherAction.
func (*CertWatcherAction) DeepCopyInto ¶
func (in *CertWatcherAction) DeepCopyInto(out *CertWatcherAction)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CertWatcherActionEcho ¶
type CertWatcherActionEcho struct { }
CertWatcherActionEcho is a dummy action that simply generates an Event reporting the Secret change. It does not perform any useful action and is mostly used for testing and debugging.
func (*CertWatcherActionEcho) DeepCopy ¶
func (in *CertWatcherActionEcho) DeepCopy() *CertWatcherActionEcho
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertWatcherActionEcho.
func (*CertWatcherActionEcho) DeepCopyInto ¶
func (in *CertWatcherActionEcho) DeepCopyInto(out *CertWatcherActionEcho)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CertWatcherList ¶
type CertWatcherList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items []CertWatcher `json:"items"`
}
CertWatcherList contains a list of CertWatcher
func (*CertWatcherList) DeepCopy ¶
func (in *CertWatcherList) DeepCopy() *CertWatcherList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertWatcherList.
func (*CertWatcherList) DeepCopyInto ¶
func (in *CertWatcherList) DeepCopyInto(out *CertWatcherList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CertWatcherList) DeepCopyObject ¶
func (in *CertWatcherList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type CertWatcherSecret ¶
type CertWatcherSecret struct {
	// Name of the Secret watched by CertWatcher
	Name string `json:"name"`
	// Namespace of the Secret watched by CertWatcher.
	Namespace string `json:"namespace"`
}
func (*CertWatcherSecret) DeepCopy ¶
func (in *CertWatcherSecret) DeepCopy() *CertWatcherSecret
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertWatcherSecret.
func (*CertWatcherSecret) DeepCopyInto ¶
func (in *CertWatcherSecret) DeepCopyInto(out *CertWatcherSecret)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CertWatcherSpec ¶
type CertWatcherSpec struct {
	// Secret watched by CertWatcher
	Secret CertWatcherSecret `json:"secret"`
	// ZipFilesPassword is the password that should be used to zip certificate files.
	// Zipped versions of each certificate are kept along with the raw files. If
	// this value is empty, zip files will not be protected with any password.
	ZipFilesPassword string `json:"zipFilesPassword,omitempty"`
	// Pkcs12Password is the password that should be used in the PKCS#12 envelope. If
	// empty, p12 certificate files will not be protected by any password.
	Pkcs12Password string `json:"pkcs12Password,omitempty"`
	// FilenamesPrefix is the prefix that should be used in the exported certificate
	// filenames. If empty, defaults to "tls", so files will be created in the
	// temporary workspace directory as tls.key, tls.crt, tls.p12, etc...
	FilenamesPrefix string `json:"filenamesPrefix,omitempty"`
	// Actions that should be performed when the watched Secret changes.
	Actions CertWatcherAction `json:"actions,omitempty"`
}
CertWatcherSpec defines the desired state of CertWatcher
func (*CertWatcherSpec) DeepCopy ¶
func (in *CertWatcherSpec) DeepCopy() *CertWatcherSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertWatcherSpec.
func (*CertWatcherSpec) DeepCopyInto ¶
func (in *CertWatcherSpec) DeepCopyInto(out *CertWatcherSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CertWatcherStatus ¶
type CertWatcherStatus struct {
	Status       string      `json:"status,omitempty"`
	LastUpdate   metav1.Time `json:"lastUpdate,omitempty"`
	LastChecksum string      `json:"lastChecksum,omitempty"`
	ActionStatus string      `json:"actionStatus,omitempty"`
	Message      string      `json:"message,omitempty"`
}
CertWatcherStatus defines the observed state of CertWatcher
func (*CertWatcherStatus) DeepCopy ¶
func (in *CertWatcherStatus) DeepCopy() *CertWatcherStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertWatcherStatus.
func (*CertWatcherStatus) DeepCopyInto ¶
func (in *CertWatcherStatus) DeepCopyInto(out *CertWatcherStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.