ca

package
v1.8.0-beta7 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 18, 2022 License: Apache-2.0 Imports: 40 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	ErrClientK8s = errors.New("k8sAPIClientError")
)

Functions

func CreateDefaultTLSCA

func CreateDefaultTLSCA(clientSet *kubernetes.Clientset, spec hlfv1alpha1.FabricCASpec) (*x509.Certificate, *ecdsa.PrivateKey, error)

func GetDeploymentName

func GetDeploymentName(releaseName string) string

func GetServiceName

func GetServiceName(releaseName string) string

func Reconcile

func Reconcile(
	req ctrl.Request,
	r *FabricCAReconciler,
	cfg *action.Configuration,
) (ctrl.Result, error)

Types

type Affiliation

type Affiliation struct {
	Name        string   `json:"name"`
	Departments []string `json:"departments"`
}

type ConfigurationFiles

type ConfigurationFiles struct {
	MysqlCnf string `json:"mysql.cnf"`
}

type Cors

type Cors struct {
	Enabled bool     `json:"enabled"`
	Origins []string `json:"origins"`
}

type Database

type Database struct {
	Type       string `json:"type"`
	Datasource string `json:"datasource"`
}

type FabricCAChart

type FabricCAChart struct {
	Istio            Istio                         `json:"istio"`
	FullNameOverride string                        `json:"fullnameOverride"`
	Image            Image                         `json:"image"`
	Service          Service                       `json:"service"`
	Persistence      Persistence                   `json:"persistence"`
	Msp              Msp                           `json:"msp"`
	Database         Database                      `json:"db"`
	Resources        Resources                     `json:"resources"`
	NodeSelector     *corev1.NodeSelector          `json:"nodeSelector,omitempty"`
	Tolerations      []corev1.Toleration           `json:"tolerations"`
	Affinity         *corev1.Affinity              `json:"affinity,omitempty"`
	Metrics          FabricCAChartMetrics          `json:"metrics"`
	Debug            bool                          `json:"debug"`
	CLRSizeLimit     int                           `json:"clrsizelimit"`
	Ca               FabricCAChartItemConf         `json:"ca"`
	TLSCA            FabricCAChartItemConf         `json:"tlsCA"`
	Cors             Cors                          `json:"cors"`
	ServiceMonitor   ServiceMonitor                `json:"serviceMonitor"`
	EnvVars          []corev1.EnvVar               `json:"envVars"`
	ImagePullSecrets []corev1.LocalObjectReference `json:"imagePullSecrets"`
}

func GetConfig

func GetConfig(conf *hlfv1alpha1.FabricCA, client *kubernetes.Clientset, chartName string, namespace string) (*FabricCAChart, error)

type FabricCAChartBCCSP

type FabricCAChartBCCSP struct {
	Default string               `json:"default"`
	SW      FabricCAChartBCCSPSW `json:"sw"`
}

type FabricCAChartBCCSPSW

type FabricCAChartBCCSPSW struct {
	Hash     string `json:"hash"`
	Security string `json:"security"`
}

type FabricCAChartCFG

type FabricCAChartCFG struct {
	Identities   FabricCAChartCFGIdentities  `json:"identities"`
	Affiliations FabricCAChartCFGAffilitions `json:"affiliations"`
}

type FabricCAChartCFGAffilitions

type FabricCAChartCFGAffilitions struct {
	AllowRemove bool `json:"allowRemove"`
}

type FabricCAChartCFGIdentities

type FabricCAChartCFGIdentities struct {
	AllowRemove bool `json:"allowRemove"`
}

type FabricCAChartCRL

type FabricCAChartCRL struct {
	Expiry string `json:"expiry"`
}

type FabricCAChartCSR

type FabricCAChartCSR struct {
	CN    string               `json:"cn"`
	Hosts []string             `json:"hosts"`
	Names []FabricCAChartNames `json:"names"`
	CA    FabricCAChartCSRCA   `json:"ca"`
}

type FabricCAChartCSRCA

type FabricCAChartCSRCA struct {
	Expiry     string `json:"expiry"`
	PathLength int    `json:"pathlength"`
}

type FabricCAChartIdentity

type FabricCAChartIdentity struct {
	Name        string                     `json:"name"`
	Pass        string                     `json:"pass"`
	Type        string                     `json:"type"`
	Affiliation string                     `json:"affiliation"`
	Attrs       FabricCAChartIdentityAttrs `json:"attrs"`
}

type FabricCAChartIdentityAttrs

type FabricCAChartIdentityAttrs struct {
	RegistrarRoles string `json:"hf.Registrar.Roles"`
	DelegateRoles  string `json:"hf.Registrar.DelegateRoles"`
	Attributes     string `json:"hf.Registrar.Attributes"`
	Revoker        bool   `json:"hf.Revoker"`
	IntermediateCA bool   `json:"hf.IntermediateCA"`
	GenCRL         bool   `json:"hf.GenCRL"`
	AffiliationMgr bool   `json:"hf.AffiliationMgr"`
}

type FabricCAChartIntermediate

type FabricCAChartIntermediate struct {
	ParentServer FabricCAChartIntermediateParentServer `json:"parentServer"`
}

type FabricCAChartIntermediateEnrollment

type FabricCAChartIntermediateEnrollment struct {
	Hosts   string `json:"hosts"`
	Profile string `json:"profile"`
	Label   string `json:"label"`
}

type FabricCAChartIntermediateParentServer

type FabricCAChartIntermediateParentServer struct {
	URL    string `json:"url"`
	CAName string `json:"caName"`
}

type FabricCAChartIntermediateTLS

type FabricCAChartIntermediateTLS struct {
	CertFiles []string                           `json:"certFiles"`
	Client    FabricCAChartIntermediateTLSClient `json:"client"`
}

type FabricCAChartIntermediateTLSClient

type FabricCAChartIntermediateTLSClient struct {
	CertFile string `json:"certFile"`
	KeyFile  string `json:"keyFile"`
}

type FabricCAChartItemConf

type FabricCAChartItemConf struct {
	Name         string                    `json:"name"`
	CFG          FabricCAChartCFG          `json:"cfg"`
	CSR          FabricCAChartCSR          `json:"csr"`
	CRL          FabricCAChartCRL          `json:"crl"`
	Registry     FabricCAChartRegistry     `json:"registry"`
	Signing      FabricCASigning           `json:"signing"`
	Intermediate FabricCAChartIntermediate `json:"intermediate"`
	BCCSP        FabricCAChartBCCSP        `json:"bccsp"`
	Affiliations []Affiliation             `json:"affiliations"`
}

type FabricCAChartMetrics

type FabricCAChartMetrics struct {
	Provider string                     `json:"provider"`
	Statsd   FabricCAChartMetricsStatsd `json:"statsd"`
}

type FabricCAChartMetricsStatsd

type FabricCAChartMetricsStatsd struct {
	Network       string `json:"network"`
	Address       string `json:"address"`
	WriteInterval string `json:"writeInterval"`
	Prefix        string `json:"prefix"`
}

type FabricCAChartNames

type FabricCAChartNames struct {
	C  string `json:"C"`
	ST string `json:"ST"`
	O  string `json:"O"`
	L  string `json:"L"`
	OU string `json:"OU"`
}

type FabricCAChartRegistry

type FabricCAChartRegistry struct {
	MaxEnrollments int                     `json:"maxenrollments"`
	Identities     []FabricCAChartIdentity `json:"identities"`
}

type FabricCAChartSpecService

type FabricCAChartSpecService struct {
	ServiceType string `json:"type"`
}

type FabricCAReconciler

type FabricCAReconciler struct {
	client.Client
	ChartPath string
	Log       logr.Logger
	Scheme    *runtime.Scheme
	Config    *rest.Config
	ClientSet *kubernetes.Clientset
}

FabricCAReconciler reconciles a FabricCA object

func (*FabricCAReconciler) Reconcile

func (r *FabricCAReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)

+kubebuilder:rbac:groups=hlf.kungfusoftware.es,resources=fabriccas,verbs=get;list;watch;create;update;patch;delete +kubebuilder:rbac:groups=hlf.kungfusoftware.es,resources=fabriccas/status,verbs=get;update;patch +kubebuilder:rbac:groups=hlf.kungfusoftware.es,resources=fabriccas/finalizers,verbs=update

func (*FabricCAReconciler) SetupWithManager

func (r *FabricCAReconciler) SetupWithManager(mgr ctrl.Manager) error

type FabricCASigning added in v1.8.0

type FabricCASigning struct {
	Default  FabricCASigningDefault  `json:"default"`
	Profiles FabricCASigningProfiles `json:"profiles"`
}

type FabricCASigningDefault added in v1.8.0

type FabricCASigningDefault struct {
	// +kubebuilder:default:="8760h"
	Expiry string `json:"expiry"`
	// +kubebuilder:default:={"digital signature"}
	Usage []string `json:"usage"`
}

type FabricCASigningProfiles added in v1.8.0

type FabricCASigningProfiles struct {
	CA  FabricCASigningSignProfile `json:"ca"`
	TLS FabricCASigningTLSProfile  `json:"tls"`
}

type FabricCASigningSignProfile added in v1.8.0

type FabricCASigningSignProfile struct {
	// +kubebuilder:default:={"cert sign","crl sign"}
	Usage []string `json:"usage"`
	// +kubebuilder:default:="43800h"
	Expiry       string                               `json:"expiry"`
	CAConstraint FabricCASigningSignProfileConstraint `json:"caconstraint"`
}

type FabricCASigningSignProfileConstraint added in v1.8.0

type FabricCASigningSignProfileConstraint struct {
	// +kubebuilder:default:=true
	IsCA bool `json:"isCA"`
	// +kubebuilder:default:=0
	MaxPathLen int `json:"maxPathLen"`
}

type FabricCASigningTLSProfile added in v1.8.0

type FabricCASigningTLSProfile struct {
	// +kubebuilder:default:={"signing","key encipherment", "server auth", "client auth", "key agreement"}
	Usage []string `json:"usage"`
	// +kubebuilder:default:="8760h"
	Expiry string `json:"expiry"`
}

type Image

type Image struct {
	Repository string `json:"repository"`
	Tag        string `json:"tag"`
	PullPolicy string `json:"pullPolicy"`
}

type Ingress

type Ingress struct {
	Enabled     bool              `json:"enabled"`
	Annotations map[string]string `json:"annotations"`
	Path        string            `json:"path"`
	Hosts       []string          `json:"hosts"`
	TLS         []interface{}     `json:"tls"`
}

type Istio added in v1.1.0

type Istio struct {
	Port  int      `json:"port"`
	Hosts []string `json:"hosts"`
}

type Msp

type Msp struct {
	Keyfile        string `json:"keyfile"`
	Certfile       string `json:"certfile"`
	Chainfile      string `json:"chainfile"`
	TLSCAKeyfile   string `json:"tlsCAKeyFile"`
	TLSCACertfile  string `json:"tlsCACertFile"`
	TLSCAChainfile string `json:"tlsCAChainfile"`
	TlsKeyFile     string `json:"tlsKeyFile"`
	TlsCertFile    string `json:"tlsCertFile"`
}

type Mysql

type Mysql struct {
	Enabled            bool               `json:"enabled"`
	Image              string             `json:"image"`
	ImageTag           string             `json:"imageTag"`
	MysqlDatabase      string             `json:"mysqlDatabase"`
	MysqlUser          string             `json:"mysqlUser"`
	ConfigurationFiles ConfigurationFiles `json:"configurationFiles"`
}

type Names

type Names struct {
	C  string      `json:"c"`
	St string      `json:"st"`
	L  interface{} `json:"l"`
	O  string      `json:"o"`
	Ou string      `json:"ou"`
}

type Persistence

type Persistence struct {
	Enabled      bool              `json:"enabled"`
	Annotations  map[string]string `json:"annotations"`
	StorageClass string            `json:"storageClass"`
	AccessMode   string            `json:"accessMode"`
	Size         string            `json:"size"`
}

type Requests

type Requests struct {
	// +kubebuilder:default:="2"
	CPU string `json:"cpu"`
	// +kubebuilder:default:="4Gi"
	Memory string `json:"memory"`
}

type RequestsLimit

type RequestsLimit struct {
	CPU    string `json:"cpu"`
	Memory string `json:"memory"`
}

type Resources

type Resources struct {
	// +kubebuilder:default:="10m"
	Requests Requests `json:"requests"`
	// +kubebuilder:default:="256Mi"
	Limits RequestsLimit `json:"limits"`
}

type Service

type Service struct {
	Type string `json:"type"`
	Port int    `json:"port"`
}

type ServiceMonitor added in v1.2.1

type ServiceMonitor struct {
	Enabled           bool              `json:"enabled"`
	Labels            map[string]string `json:"labels"`
	Interval          string            `json:"interval"`
	ScrapeTimeout     string            `json:"scrapeTimeout"`
	Scheme            string            `json:"scheme"`
	Relabelings       []interface{}     `json:"relabelings"`
	TargetLabels      []interface{}     `json:"targetLabels"`
	MetricRelabelings []interface{}     `json:"metricRelabelings"`
	SampleLimit       int               `json:"sampleLimit"`
}

type Status

type Status struct {
	Status    hlfv1alpha1.DeploymentStatus
	TlsCert   string
	CACert    string
	TLSCACert string
	NodeURL   string
	NodePort  int
	NodeHost  string
}

func GetCAState

func GetCAState(clientSet *kubernetes.Clientset, ca *hlfv1alpha1.FabricCA, releaseName string, ns string) (*Status, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL