util

package
v0.0.0-...-5756e46 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 3, 2024 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// IssuerACME is the name of the ACME issuer
	IssuerACME string = "acme"
	// IssuerCA is the name of the simple issuer
	IssuerCA string = "ca"
	// IssuerVault is the name of the Vault issuer
	IssuerVault string = "vault"
	// IssuerSelfSigned is a self signing issuer
	IssuerSelfSigned string = "selfsigned"
	// IssuerVenafi uses Venafi Trust Protection Platform and Venafi Cloud
	IssuerVenafi string = "venafi"
)

Variables

View Source 
var Clock clock.Clock = clock.RealClock{}

Clock is defined as a package var so it can be stubbed out during tests.

Functions

func CertificateHasCondition 

func CertificateHasCondition(crt *cmapi.Certificate, c cmapi.CertificateCondition) bool

CertificateHasCondition will return true if the given Certificate has a condition matching the provided CertificateCondition. Only the Type and Status field will be used in the comparison, meaning that this function will return 'true' even if the Reason, Message and LastTransitionTime fields do not match.

func CertificateHasConditionWithObservedGeneration 

func CertificateHasConditionWithObservedGeneration(crt *cmapi.Certificate, c cmapi.CertificateCondition) bool

CertificateHasConditionWithObservedGeneration will return true if the given Certificate has a condition matching the provided CertificateCondition with a ObservedGeneration that is bigger or equal to the ObservedGeneration of the provided CertificateCondition. Only the Type, Status and ObservedGeneration field will be used in the comparison, meaning that this function will return 'true' even if the Reason, Message and LastTransitionTime fields do not match.

func CertificateRequestHasCondition 

func CertificateRequestHasCondition(cr *cmapi.CertificateRequest, c cmapi.CertificateRequestCondition) bool

CertificateRequestHasCondition will return true if the given CertificateRequest has a condition matching the provided CertificateRequestCondition. Only the Type and Status field will be used in the comparison, meaning that this function will return 'true' even if the Reason, Message and LastTransitionTime fields do not match.

func CertificateRequestHasInvalidRequest 

func CertificateRequestHasInvalidRequest(cr *cmapi.CertificateRequest) bool

This returns with true if the CertificateRequest contains an InvalidRequest condition, and returns false otherwise.

func CertificateRequestInvalidRequestMessage 

func CertificateRequestInvalidRequestMessage(cr *cmapi.CertificateRequest) string

This returns with the message if the CertificateRequest contains an InvalidRequest condition, and returns "" otherwise.

func CertificateRequestIsApproved 

func CertificateRequestIsApproved(cr *cmapi.CertificateRequest) bool

CertificateRequestIsApproved returns true if the CertificateRequest is approved via an Approved condition of status `True`, returns false otherwise.

func CertificateRequestIsDenied 

func CertificateRequestIsDenied(cr *cmapi.CertificateRequest) bool

CertificateRequestIsDenied returns true if the CertificateRequest is denied via a Denied condition of status `True`, returns false otherwise.

func CertificateRequestReadyReason 

func CertificateRequestReadyReason(cr *cmapi.CertificateRequest) string

This returns the status reason of a CertificateRequest. The order of reason hierarchy is 'Failed' -> 'Ready' -> 'Pending' -> ”

func ComputeName 

func ComputeName(prefix string, obj interface{}) (string, error)

ComputeName hashes the given object and prefixes it with prefix. The algorithm in use is Fowler–Noll–Vo hash function and is not cryptographically secure. Using a cryptographically secure hash is not necessary.

func ComputeSecureUniqueDeterministicNameFromData 

func ComputeSecureUniqueDeterministicNameFromData(fullName string, maxNameLength int) (string, error)

ComputeSecureUniqueDeterministicNameFromData computes a deterministic name from the given data. The algorithm in use is SHA256 and is cryptographically secure. The output is a string that is safe to use as a DNS label. The output is guaranteed to be unique for the given input. The output will be at least 64 characters long.

func DNSSafeShortenTo52Characters 

func DNSSafeShortenTo52Characters(in string) string

DNSSafeShortenTo52Characters shortens the input string to 52 chars and ensures the last char is an alpha-numeric character.

func DNSSafeShortenToNCharacters 

func DNSSafeShortenToNCharacters(in string, maxLength int) string

DNSSafeShortenToNCharacters shortens the input string to N chars and ensures the last char is an alpha-numeric character.

func DefaultCertDuration 

func DefaultCertDuration(d *metav1.Duration) time.Duration

DefaultCertDuration returns d.Duration if set, otherwise returns cert-manager's default certificate duration (90 days).

func ExtKeyUsageStrings 

func ExtKeyUsageStrings(usage []x509.ExtKeyUsage) []cmapi.KeyUsage

ExtKeyUsageStrings returns the cmapi.KeyUsage and "unknown" if not found

func ExtKeyUsageType 

func ExtKeyUsageType(usage cmapi.KeyUsage) (x509.ExtKeyUsage, bool)

ExtKeyUsageType returns the relevant x509.ExtKeyUsage or false if not found

func ExtKeyUsageTypeKube 

func ExtKeyUsageTypeKube(usage certificatesv1.KeyUsage) (x509.ExtKeyUsage, bool)

ExtKeyUsageTypeKube returns the relevant x509.KeyUsage or false if not found

func GetCertificateCondition 

func GetCertificateCondition(crt *cmapi.Certificate, conditionType cmapi.CertificateConditionType) *cmapi.CertificateCondition

func GetCertificateRequestCondition 

func GetCertificateRequestCondition(req *cmapi.CertificateRequest, conditionType cmapi.CertificateRequestConditionType) *cmapi.CertificateRequestCondition

func IssuerHasCondition 

func IssuerHasCondition(i cmapi.GenericIssuer, c cmapi.IssuerCondition) bool

IssuerHasCondition will return true if the given GenericIssuer has a condition matching the provided IssuerCondition. Only the Type and Status field will be used in the comparison, meaning that this function will return 'true' even if the Reason, Message and LastTransitionTime fields do not match.

func IssuerKind 

func IssuerKind(ref cmmeta.ObjectReference) string

IssuerKind returns the kind of issuer for a certificate.

func KeyUsageStrings 

func KeyUsageStrings(usage x509.KeyUsage) []cmapi.KeyUsage

KeyUsageStrings returns the cmapi.KeyUsage and "unknown" if not found

func KeyUsageType 

func KeyUsageType(usage cmapi.KeyUsage) (x509.KeyUsage, bool)

KeyUsageType returns the relevant x509.KeyUsage or false if not found

func KeyUsageTypeKube 

func KeyUsageTypeKube(usage certificatesv1.KeyUsage) (x509.KeyUsage, bool)

KeyUsageTypeKube returns the relevant x509.KeyUsage or false if not found

func KubeExtKeyUsageStrings 

func KubeExtKeyUsageStrings(usage []x509.ExtKeyUsage) []certificatesv1.KeyUsage

KubeExtKeyUsageStrings returns the certificatesv1.KeyUsage and "unknown" if not found

func KubeKeyUsageStrings 

func KubeKeyUsageStrings(usage x509.KeyUsage) []certificatesv1.KeyUsage

KubeKeyUsageStrings returns the certificatesv1.KeyUsage and "unknown" if not found

func NameForIssuer 

func NameForIssuer(i cmapi.GenericIssuer) (string, error)

NameForIssuer determines the name of the Issuer implementation given an Issuer resource.

func RemoveCertificateCondition 

func RemoveCertificateCondition(crt *cmapi.Certificate, conditionType cmapi.CertificateConditionType)

RemoveCertificateCondition will remove any condition with this condition type

func SetCertificateCondition 

func SetCertificateCondition(crt *cmapi.Certificate, observedGeneration int64, conditionType cmapi.CertificateConditionType,
	status cmmeta.ConditionStatus, reason, message string)

SetCertificateCondition will set a 'condition' on the given Certificate.

  • If no condition of the same type already exists, the condition will be inserted with the LastTransitionTime set to the current time.
  • If a condition of the same type and state already exists, the condition will be updated but the LastTransitionTime will not be modified.
  • If a condition of the same type and different state already exists, the condition will be updated with the LastTransitionTime set to the current time.

The given ObservedGeneration will always set on the condition, whether the lastTransitionTime is modified or not.

func SetCertificateRequestCondition 

func SetCertificateRequestCondition(cr *cmapi.CertificateRequest, conditionType cmapi.CertificateRequestConditionType, status cmmeta.ConditionStatus, reason, message string)

SetCertificateRequestCondition will set a 'condition' on the given CertificateRequest.

  • If no condition of the same type already exists, the condition will be inserted with the LastTransitionTime set to the current time.
  • If a condition of the same type and state already exists, the condition will be updated but the LastTransitionTime will not be modified.
  • If a condition of the same type and different state already exists, the condition will be updated and the LastTransitionTime set to the current time.

func SetIssuerCondition 

func SetIssuerCondition(i cmapi.GenericIssuer, observedGeneration int64, conditionType cmapi.IssuerConditionType, status cmmeta.ConditionStatus, reason, message string)

SetIssuerCondition will set a 'condition' on the given GenericIssuer.

  • If no condition of the same type already exists, the condition will be inserted with the LastTransitionTime set to the current time.
  • If a condition of the same type and state already exists, the condition will be updated but the LastTransitionTime will not be modified.
  • If a condition of the same type and different state already exists, the condition will be updated and the LastTransitionTime set to the current time.

This function works with both Issuer and ClusterIssuer resources.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.