Documentation
¶
Index ¶
- Constants
- func ErrInvalid(err error) error
- func IsInvalid(err error) bool
- type Manager
- type ManagerOption
- func WithEventRecorder(r event.Recorder) ManagerOption
- func WithFilesystem(fs afero.Fs) ManagerOption
- func WithForceHTTPSHostsFile(forceHTTPSHostsFile string) ManagerOption
- func WithLogger(l *zap.Logger) ManagerOption
- func WithMetrics(mx Metrics) ManagerOption
- func WithSubscriber(s Subscriber) ManagerOption
- func WithValidator(v Validator) ManagerOption
- type Metrics
- type Subscriber
- type Validator
Constants ¶
const ( LabelNamespace = "namespace" LabelIngressName = "ingress_name" LabelSecretName = "secret_name" LabelContext = "context" LabelAllowHTTP = "allow_http" )
Labels used by metrics and logs.
const ( ContextUpsertIngress = "upsert_ingress" ContextUpsertSecret = "upsert_secret" ContextDeleteIngress = "delete_ingress" ContextDeleteSecret = "delete_secret" )
Error contexts used as metric labels.
Variables ¶
This section is empty.
Functions ¶
func ErrInvalid ¶
ErrInvalid wraps an error such that it will fulfill IsInvalid.
Types ¶
type Manager ¶
type Manager struct {
// contains filtered or unexported fields
}
A Manager persists ingress TLS cert pairs to disk. Manager implements cache.ResourceEventHandler in order to consume notifications about
func NewManager ¶
func NewManager(dir string, s kubernetes.SecretStore, o ...ManagerOption) (*Manager, error)
NewManager creates a new certificate manager.
func (*Manager) OnAdd ¶
func (m *Manager) OnAdd(obj interface{})
OnAdd handles notifications of new ingress or secret resources.
type ManagerOption ¶
A ManagerOption can be used to configure new certificate managers.
func WithEventRecorder ¶
func WithEventRecorder(r event.Recorder) ManagerOption
WithEventRecorder configures a certificate manager's Kubernetes event recorder. The event recorder will emit events when certificate pairs change.
func WithFilesystem ¶
func WithFilesystem(fs afero.Fs) ManagerOption
WithFilesystem configures a certificate manager's filesystem implementation.
func WithForceHTTPSHostsFile ¶
func WithForceHTTPSHostsFile(forceHTTPSHostsFile string) ManagerOption
WithForceHTTPSHostsFile specifies the location to the file hal5d will manage containing hostnames that should be denied http traffic.
func WithLogger ¶
func WithLogger(l *zap.Logger) ManagerOption
WithLogger configures a certificate manager's logger.
func WithMetrics ¶
func WithMetrics(mx Metrics) ManagerOption
WithMetrics configures a certificate manager's metrics.
func WithSubscriber ¶
func WithSubscriber(s Subscriber) ManagerOption
WithSubscriber registers a subscriber to a certificate manager. Each subscriber will be called every time the managed cert pairs change.
func WithValidator ¶
func WithValidator(v Validator) ManagerOption
WithValidator configures a certificate manager's validator. The validator will be called to test any new cert pairs before they are committed.
type Metrics ¶
type Metrics struct {
Writes metrics.CounterVec
Deletes metrics.CounterVec
Errors metrics.CounterVec
Invalids metrics.CounterVec
}
Metrics that may be exposed by a certificate manager.
type Subscriber ¶
type Subscriber interface {
// Changed is called every time the managed certificates change.
Changed()
}
A Subscriber is notified synchronously every time the cert pairs change.
Source Files