Documentation
Overview
Package csr contains the logic required to generate, create and approve Certificate Signing Requests (CSR) for the Virtual Kubelet instances.
Index
- func Approve(clientSet k8s.Interface, csr *certv1.CertificateSigningRequest, ...) error
- func ApproverHandler(clientset k8s.Interface, reason, message string) func(*certv1.CertificateSigningRequest)
- func CreateCSRResource(ctx context.Context, name string, client kubernetes.Interface, ...) error
- func GenerateVKCSR(name string, csr []byte, signerName string) *certificatesv1.CertificateSigningRequest
- func GetCSRSecret(ctx context.Context, clientset kubernetes.Interface, ...) (secret *v1.Secret, hasCertificate bool, err error)
- func IsApproved(csr *certv1.CertificateSigningRequest) bool
- func PersistCertificates(ctx context.Context, clientset kubernetes.Interface, ...) error
- func StoreCertificate(ctx context.Context, clientset kubernetes.Interface, certificate []byte, ...) error
- type Watcher
- func (r Watcher) RegisterHandler(handler WatcherHandlerFunc)
- func (r Watcher) RegisterHandlerForName(name string, handler WatcherHandlerFunc)
- func (r Watcher) RetrieveCertificate(ctx context.Context, csrName string) ([]byte, error)
- func (r Watcher) Start(ctx context.Context)
- func (r Watcher) UnregisterHandler()
- func (r Watcher) UnregisterHandlerForName(name string)
- type WatcherHandlerFunc
Constants
This section is empty.
Variables
This section is empty.
Functions
func Approve (added in v0.3.0)
func Approve(clientSet k8s.Interface, csr *certv1.CertificateSigningRequest, reason, message string) error
Approve approves the provided CertificateSigningRequest.
func ApproverHandler (added in v0.3.0)
func ApproverHandler(clientset k8s.Interface, reason, message string) func(*certv1.CertificateSigningRequest)
ApproverHandler returns a handler to approve CSRs.
func CreateCSRResource (added in v0.3.0)
func CreateCSRResource(ctx context.Context, name string, client kubernetes.Interface, nodeName, namespace, distribution string, podIP net.IP) error
CreateCSRResource creates a CSR Resource for a new Virtual Kubelet instance.
func GenerateVKCSR
func GenerateVKCSR(name string, csr []byte, signerName string) *certificatesv1.CertificateSigningRequest
GenerateVKCSR generates a certificates/v1 CSR resource for a virtual-kubelet name and PEM CSR.
func GetCSRSecret (added in v0.3.0)
func GetCSRSecret(ctx context.Context, clientset kubernetes.Interface, nodeName, namespace string) (secret *v1.Secret, hasCertificate bool, err error)
GetCSRSecret returns the secret containing the CSR data.
func IsApproved (added in v0.3.0)
func IsApproved(csr *certv1.CertificateSigningRequest) bool
IsApproved returns whether the given CSR is approved (i.e. has a valid certificate).
func PersistCertificates (added in v0.3.0)
func PersistCertificates(ctx context.Context, clientset kubernetes.Interface, nodeName, namespace, csrLocation, keyLocation, certLocation string) error
PersistCertificates persists the data stored in the secret into the default path.
func StoreCertificate (added in v0.3.0)
func StoreCertificate(ctx context.Context, clientset kubernetes.Interface, certificate []byte, namespace, nodeName string) error
StoreCertificate stores the retrieved certificate into the CSR secret.
Types
type Watcher (added in v0.3.0)
type Watcher struct {
// contains filtered or unexported fields
}
Watcher wraps the logic to be notified once a CSR change is detected.
func NewWatcher (added in v0.3.0)
NewWatcher initializes a new CSR watcher for the given label selector.
func (Watcher) RegisterHandler (added in v0.3.0)
func (r Watcher) RegisterHandler(handler WatcherHandlerFunc)
RegisterHandler registers a new handler executed once a CSR change is detected.
func (Watcher) RegisterHandlerForName (added in v0.3.0)
func (r Watcher) RegisterHandlerForName(name string, handler WatcherHandlerFunc)
RegisterHandlerForName registers a new handler executed once a new CSR change with the given name is detected.
func (Watcher) RetrieveCertificate (added in v0.3.0)
RetrieveCertificate registers the appropriate handlers and waits for the certificate retrieval.
func (Watcher) UnregisterHandler (added in v0.3.0)
func (r Watcher) UnregisterHandler()
UnregisterHandler un-registers the handler executed once a CSR change is detected.
func (Watcher) UnregisterHandlerForName (added in v0.3.0)
UnregisterHandlerForName un-registers the handler executed once a CSR change with the given name is detected.
type WatcherHandlerFunc (added in v0.3.0)
type WatcherHandlerFunc func(*certv1.CertificateSigningRequest)
WatcherHandlerFunc represents the function type executed once an approved CSR is observed by the informer.