csr

package
v0.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 15, 2021 License: Apache-2.0 Imports: 23 Imported by: 0

Documentation

Overview

Package csr contains the logic required to generate, create and approve Certificate Signing Requests (CSR) for the Virtual Kubelet instances.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Approve added in v0.3.0

func Approve(clientSet k8s.Interface, csr *certv1.CertificateSigningRequest, reason, message string) error

Approve approves the provided CertificateSigningRequest.

func ApproverHandler added in v0.3.0

func ApproverHandler(clientset k8s.Interface, reason, message string) func(*certv1.CertificateSigningRequest)

ApproverHandler returns an handler to approve CSRs.

func CreateCSRResource added in v0.3.0

func CreateCSRResource(ctx context.Context,
	name string, client kubernetes.Interface, nodeName, namespace, distribution string) error

CreateCSRResource creates a CSR Resource for a new Virtual Kubelet instance.

func GenerateVKCSR

func GenerateVKCSR(name string, csr []byte, signerName string) *certificatesv1.CertificateSigningRequest

GenerateVKCSR generate a certificates/v1 CSR resource for a virtual-kubelet name and PEM CSR.

func GetCSRSecret added in v0.3.0

func GetCSRSecret(ctx context.Context,
	clientset kubernetes.Interface, nodeName, namespace string) (secret *v1.Secret, hasCertificate bool, err error)

GetCSRSecret returns the secret containing the CSR data.

func IsApproved added in v0.3.0

func IsApproved(csr *certv1.CertificateSigningRequest) bool

IsApproved returns whether the given CSR is approved (i.e. has a valid certificate).

func PersistCertificates added in v0.3.0

func PersistCertificates(ctx context.Context,
	clientset kubernetes.Interface, nodeName, namespace,
	csrLocation, keyLocation, certLocation string) error

PersistCertificates persists the data stored in the secret into the default path.

func StoreCertificate added in v0.3.0

func StoreCertificate(ctx context.Context,
	clientset kubernetes.Interface, certificate []byte,
	namespace, nodeName string) error

StoreCertificate stores the retrieved certificate into the CSR secret.

Types

type Watcher added in v0.3.0

type Watcher struct {
	// contains filtered or unexported fields
}

Watcher wraps the logic to be notified once a CSR change is detected.

func NewWatcher added in v0.3.0

func NewWatcher(clientset k8s.Interface, resync time.Duration, selector labels.Selector) Watcher

NewWatcher initializes a new CSR watcher for the given label selector.

func (Watcher) RegisterHandler added in v0.3.0

func (r Watcher) RegisterHandler(handler WatcherHandlerFunc)

RegisterHandler registers a new handler executed once a CSR change is detected.

func (Watcher) RegisterHandlerForName added in v0.3.0

func (r Watcher) RegisterHandlerForName(name string, handler WatcherHandlerFunc)

RegisterHandlerForName registers a new handler executed once a new CSR change with the given name is detected.

func (Watcher) RetrieveCertificate added in v0.3.0

func (r Watcher) RetrieveCertificate(ctx context.Context, csrName string) ([]byte, error)

RetrieveCertificate registers the appropriate handlers and waits for the certificate retrieval.

func (Watcher) Start added in v0.3.0

func (r Watcher) Start(ctx context.Context)

Start starts the CSR watcher.

func (Watcher) UnregisterHandler added in v0.3.0

func (r Watcher) UnregisterHandler()

UnregisterHandler un-registers the handler executed once a CSR change is detected.

func (Watcher) UnregisterHandlerForName added in v0.3.0

func (r Watcher) UnregisterHandlerForName(name string)

UnregisterHandlerForName un-registers the handler executed once a CSR change with the given name is detected.

type WatcherHandlerFunc added in v0.3.0

type WatcherHandlerFunc func(*certv1.CertificateSigningRequest)

WatcherHandlerFunc represents a the function type executed once an approved CSR is observesd by the informer.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL