Affected by GO-2024-2441 and 1 other vulnerabilities

GO-2024-2441: The DES/3DES cipher was used as part of the TLS protocol by installation tools in github.com/karmada-io/karmada

GO-2024-2817: karmada vulnerable to arbitrary code execution via a crafted command in github.com/karmada-io/karmada

certificate

package

v1.4.5 Latest Latest Go to latest Published: Sep 7, 2023 License: Apache-2.0 Imports: 28 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/karmada-io/karmada

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
type CertRotationController
- func (c *CertRotationController) Reconcile(ctx context.Context, req controllerruntime.Request) (controllerruntime.Result, error)
- func (c *CertRotationController) SetupWithManager(mgr controllerruntime.Manager) error

Constants ¶

View Source

const (
	// CertRotationControllerName is the controller name that will be used when reporting events.
	CertRotationControllerName = "cert-rotation-controller"

	// SignerName defines the signer name for csr, 'kubernetes.io/kube-apiserver-client-kubelet' can sign the csr automatically
	SignerName = "kubernetes.io/kube-apiserver-client-kubelet"

	// KarmadaKubeconfigName is the name of the secret containing karmada-agent certificate.
	KarmadaKubeconfigName = "karmada-kubeconfig"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type CertRotationController ¶

type CertRotationController struct {
	client.Client        // used to operate cluster resources in the control plane.
	KubeClient           clientset.Interface
	EventRecorder        record.EventRecorder
	RESTMapper           meta.RESTMapper
	ClusterClient        *util.ClusterClient
	ClusterClientSetFunc func(string, client.Client, *util.ClientOption) (*util.ClusterClient, error)
	// ClusterClientOption holds the attributes that should be injected to a Kubernetes client.
	ClusterClientOption *util.ClientOption
	PredicateFunc       predicate.Predicate
	InformerManager     genericmanager.MultiClusterInformerManager
	RatelimiterOptions  ratelimiterflag.Options

	// CertRotationCheckingInterval defines the interval of checking if the certificate need to be rotated.
	CertRotationCheckingInterval time.Duration
	// KarmadaKubeconfigNamespace is the namespace of the secret containing karmada-agent certificate.
	KarmadaKubeconfigNamespace string
	// CertRotationRemainingTimeThreshold defines the threshold of remaining time of the valid certificate.
	// If the ratio of remaining time to total time is less than or equal to this threshold, the certificate rotation starts.
	CertRotationRemainingTimeThreshold float64
}

CertRotationController is to rotate certificates.

func (*CertRotationController) Reconcile ¶

func (c *CertRotationController) Reconcile(ctx context.Context, req controllerruntime.Request) (controllerruntime.Result, error)

Reconcile performs a full reconciliation for the object referred to by the Request. The Controller will requeue the Request to be processed again if an error is non-nil or Result.Requeue is true, otherwise upon completion it will remove the work from the queue.

func (*CertRotationController) SetupWithManager ¶

func (c *CertRotationController) SetupWithManager(mgr controllerruntime.Manager) error

SetupWithManager creates a controller and register to controller manager.

Source Files ¶

View all Source files

cert_rotation_controller.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL