Documentation
¶
Overview ¶
Package certificates contains logic for watching and synchronizing CertificateSigningRequests.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func IsCertificateRequestApproved ¶
func IsCertificateRequestApproved(csr *certificates.CertificateSigningRequest) bool
IsCertificateRequestApproved returns true if a certificate request has the "Approved" condition and no "Denied" conditions; false otherwise.
Types ¶
type AutoApprover ¶
type AutoApprover interface {
AutoApprove(csr *certificates.CertificateSigningRequest) (*certificates.CertificateSigningRequest, error)
}
func NewGroupApprover ¶
func NewGroupApprover(approveAllKubeletCSRsForGroup string) AutoApprover
NewGroupApprover creates an approver that accepts any CSR requests where the subject group contains approveAllKubeletCSRsForGroup.
type CFSSLSigner ¶
type CFSSLSigner struct {
// contains filtered or unexported fields
}
func NewCFSSLSigner ¶
func NewCFSSLSigner(caFile, caKeyFile string) (*CFSSLSigner, error)
func (*CFSSLSigner) Sign ¶
func (cs *CFSSLSigner) Sign(csr *certificates.CertificateSigningRequest) (*certificates.CertificateSigningRequest, error)
type CertificateController ¶
type CertificateController struct {
// contains filtered or unexported fields
}
func NewCertificateController ¶
func NewCertificateController(kubeClient clientset.Interface, csrInformer certificatesinformers.CertificateSigningRequestInformer, signer Signer, approver AutoApprover) (*CertificateController, error)
func (*CertificateController) Run ¶
func (cc *CertificateController) Run(workers int, stopCh <-chan struct{})
Run the main goroutine responsible for watching and syncing jobs.
type Signer ¶
type Signer interface {
Sign(csr *certificates.CertificateSigningRequest) (*certificates.CertificateSigningRequest, error)
}
Source Files
Click to show internal directories.
Click to hide internal directories.