cert

package
v0.1.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 17, 2018 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Overview

Package cert provides functions to manage certificates for webhookClientConfiguration.

Create a Provisioner with a CertWriter.

provisioner := Provisioner{
	CertWriter: admission.NewSecretCertWriter(admission.SecretCertWriterOptions{...}),
}

Provision the certificates for the webhookClientConfig

err := provisioner.Provision(Options{
	ClientConfig: webhookClientConfig,
	Objects: []runtime.Object{mutatingWebhookConfiguration, validatingWebhookConfiguration}
})
if err != nil {
	// handle error
}

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Options

type Options struct {
	// ClientConfig is the WebhookClientCert that contains the information to generate
	// the certificate. The CA Certificate will be updated in the ClientConfig.
	// The updated ClientConfig will be used to inject into other runtime.Objects,
	// e.g. MutatingWebhookConfiguration and ValidatingWebhookConfiguration.
	ClientConfig *admissionregistrationv1beta1.WebhookClientConfig
	// Objects are the objects that will use the ClientConfig above.
	Objects []runtime.Object
	// Dryrun controls if the objects are sent to the API server or write to io.Writer
	Dryrun bool
}

Options are options for provisioning the certificate.

type Provisioner

type Provisioner struct {
	// CertWriter knows how to persist the certificate.
	CertWriter writer.CertWriter
}

Provisioner provisions certificates for webhook configurations and writes them to an output destination - such as a Secret or local file. Provisioner can update the CA field of certain resources with the CA of the certs.

func (*Provisioner) Provision

func (cp *Provisioner) Provision(options Options) (bool, error)

Provision provisions certificates for for the WebhookClientConfig. It ensures the cert and CA are valid and not expiring. It updates the CABundle in the webhookClientConfig if necessary. It inject the WebhookClientConfig into options.Objects.

Directories

Path Synopsis
Package generator provides an interface and implementation to provision certificates.
Package generator provides an interface and implementation to provision certificates.
Package writer provides method to provision and persist the certificates.
Package writer provides method to provision and persist the certificates.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL