Documentation
¶
Overview ¶
Package v1 contains API Schema definitions for the certmanager v1 API group +kubebuilder:object:generate=true +groupName=certmanager.ncm.nokia.com
Index ¶
Constants ¶
const ClusterIssuerKind = "ClusterIssuer"
const IssuerKind = "Issuer"
Variables ¶
var ( // GroupVersion is group version used to register these objects. GroupVersion = schema.GroupVersion{Group: "certmanager.ncm.nokia.com", Version: "v1"} // SchemeBuilder is used to add go types to the GroupVersionKind scheme. SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} // AddToScheme adds the types in this group-version to the given scheme. AddToScheme = SchemeBuilder.AddToScheme )
Functions ¶
This section is empty.
Types ¶
type ClusterIssuer ¶
type ClusterIssuer struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec IssuerSpec `json:"spec,omitempty"`
Status IssuerStatus `json:"status,omitempty"`
}
ClusterIssuer is the Schema for the clusterissuers API +kubebuilder:object:root=true +kubebuilder:subresource:status +kubebuilder:resource:scope=Cluster,shortName=ncmclusterissuers +kubebuilder:printcolumn:name="Age",type="date",JSONPath=`.metadata.creationTimestamp` +kubebuilder:printcolumn:name="Ready",type=string,JSONPath=`.status.conditions[0].status` +kubebuilder:printcolumn:name="Reason",type=string,JSONPath=`.status.conditions[0].reason` +kubebuilder:printcolumn:name="Message",type=string,JSONPath=`.status.conditions[0].message`
func (*ClusterIssuer) DeepCopy ¶
func (in *ClusterIssuer) DeepCopy() *ClusterIssuer
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterIssuer.
func (*ClusterIssuer) DeepCopyInto ¶
func (in *ClusterIssuer) DeepCopyInto(out *ClusterIssuer)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterIssuer) DeepCopyObject ¶
func (in *ClusterIssuer) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type ClusterIssuerList ¶
type ClusterIssuerList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []ClusterIssuer `json:"items"`
}
ClusterIssuerList contains a list of ClusterIssuer.
func (*ClusterIssuerList) DeepCopy ¶
func (in *ClusterIssuerList) DeepCopy() *ClusterIssuerList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterIssuerList.
func (*ClusterIssuerList) DeepCopyInto ¶
func (in *ClusterIssuerList) DeepCopyInto(out *ClusterIssuerList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterIssuerList) DeepCopyObject ¶
func (in *ClusterIssuerList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type ConditionStatus ¶
type ConditionStatus string
ConditionStatus represents a condition's status. +kubebuilder:validation:Enum=True;False;Unknown
const ( // ConditionTrue represents the fact that a given condition is true. ConditionTrue ConditionStatus = "True" // ConditionFalse represents the fact that a given condition is false. ConditionFalse ConditionStatus = "False" // ConditionUnknown represents the fact that a given condition is unknown. ConditionUnknown ConditionStatus = "Unknown" )
These are valid condition statuses. "ConditionTrue" means a resource is in the condition; "ConditionFalse" means a resource is not in the condition; "ConditionUnknown" means kubernetes can't decide if a resource is in the condition or not. In the future, we could add other intermediate conditions, e.g. ConditionDegraded.
type Issuer ¶
type Issuer struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec IssuerSpec `json:"spec,omitempty"`
Status IssuerStatus `json:"status,omitempty"`
}
Issuer is the Schema for the issuers API +kubebuilder:object:root=true +kubebuilder:subresource:status +kubebuilder:resource:shortName=ncmissuers +kubebuilder:printcolumn:name="Age",type="date",JSONPath=`.metadata.creationTimestamp` +kubebuilder:printcolumn:name="Ready",type=string,JSONPath=`.status.conditions[0].status` +kubebuilder:printcolumn:name="Reason",type=string,JSONPath=`.status.conditions[0].reason` +kubebuilder:printcolumn:name="Message",type=string,JSONPath=`.status.conditions[0].message`
func (*Issuer) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Issuer.
func (*Issuer) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Issuer) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type IssuerCondition ¶
type IssuerCondition struct {
// Type of the condition, currently ('Ready').
Type IssuerConditionType `json:"type"`
// Status of the condition, one of ('True', 'False', 'Unknown').
// +kubebuilder:validation:Enum=True;False;Unknown
Status ConditionStatus `json:"status"`
// LastTransitionTime is the timestamp corresponding to the last status
// change of this condition.
// +optional
LastTransitionTime *metav1.Time `json:"lastTransitionTime,omitempty"`
// Reason is a brief machine-readable explanation for the condition's last
// transition.
// +optional
Reason ReasonType `json:"reason,omitempty"`
// Message is a human-readable description of the details of the last
// transition, complementing reason.
// +optional
Message string `json:"message,omitempty"`
}
IssuerCondition contains condition information for an Issuer.
func (*IssuerCondition) DeepCopy ¶
func (in *IssuerCondition) DeepCopy() *IssuerCondition
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IssuerCondition.
func (*IssuerCondition) DeepCopyInto ¶
func (in *IssuerCondition) DeepCopyInto(out *IssuerCondition)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IssuerConditionType ¶
type IssuerConditionType string
IssuerConditionType represents an Issuer condition value. +kubebuilder:validation:Enum=Ready
const ( // IssuerConditionReady represents the fact that a given Issuer condition // is in ready state and able to issue certificates. // If the `status` of this condition is `False`, CertificateRequest controllers // should prevent attempts to sign certificates. IssuerConditionReady IssuerConditionType = "Ready" )
type IssuerList ¶
type IssuerList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []Issuer `json:"items"`
}
IssuerList contains a list of Issuer.
func (*IssuerList) DeepCopy ¶
func (in *IssuerList) DeepCopy() *IssuerList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IssuerList.
func (*IssuerList) DeepCopyInto ¶
func (in *IssuerList) DeepCopyInto(out *IssuerList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*IssuerList) DeepCopyObject ¶
func (in *IssuerList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type IssuerSpec ¶
type IssuerSpec struct {
// !DEPRECATED from build version 1.1.0
// +optional
NCMServer string `json:"ncmSERVER,omitempty"`
// !DEPRECATED from build version 1.1.0
// +optional
NCMServer2 string `json:"ncmSERVER2,omitempty"`
// CAName is a name of an existing CA in the NCM API, which
// will be used to issue certificates.
// +optional
CAName string `json:"caName,omitempty"`
// CAID is a unique identifier for existing CA in the NCM API,
// which will be used to issue certificates.
// +kubebuilder:validation:Pattern=[\w=_\-]+$
// +optional
CAID string `json:"caID,omitempty"`
// !DEPRECATED from build version 1.1.0
// +optional
CAsName string `json:"CASNAME,omitempty"`
// !DEPRECATED from build version 1.1.0
// +optional
CAsHREF string `json:"CASHREF,omitempty"`
// LittleEndian specifies the byte order, setting it to true
// will ensure that bytes are stored in LE order otherwise
// BE order will be used.
// +kubebuilder:default=false
LittleEndian bool `json:"littleEndian,omitempty"`
// !DEPRECATED from build version 1.1.0 (use PK policy in CRT kind instead)
// +kubebuilder:default=false
ReenrollmentOnRenew bool `json:"reenrollmentOnRenew,omitempty"`
// UseProfileIDForRenew determines whether the profile ID should be used
// during a certificate renewal operation
// +kubebuilder:default=false
UseProfileIDForRenew bool `json:"useProfileIDForRenew,omitempty"`
// NoRoot determines whether issuing CA certificate should be included
// in issued certificate CA field instead of root CA certificate.
// +kubebuilder:default=false
NoRoot bool `json:"noRoot,omitempty"`
// ChainInSigner determines whether certificate chain should be included in
// issued certificate CA field (intermediate certificates +
// singing CA certificate + root CA certificate).
// +kubebuilder:default=false
ChainInSigner bool `json:"chainInSigner,omitempty"`
// OnlyEECert determines whether only end-entity certificate should be included
// in issued certificate TLS field.
// +kubebuilder:default=false
OnlyEECert bool `json:"onlyEECert,omitempty"`
// ProfileID is an entity profile ID in NCM API.
// +optional
ProfileID string `json:"profileId,omitempty"`
// Provisioner contains NCM provisioner configuration.
// +optional
Provisioner *NCMProvisioner `json:"provisioner,omitempty"`
// !DEPRECATED from build version 1.1.0
// +optional
TLSSecretName string `json:"tlsSecretName"`
// !DEPRECATED from build version 1.1.0
// +optional
AuthSecretName string `json:"secretName,omitempty"`
// !DEPRECATED from build version 1.1.0
// +optional
AuthNamespace string `json:"authNameSpace,omitempty"`
}
IssuerSpec defines the desired state of Issuer.
func (*IssuerSpec) DeepCopy ¶
func (in *IssuerSpec) DeepCopy() *IssuerSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IssuerSpec.
func (*IssuerSpec) DeepCopyInto ¶
func (in *IssuerSpec) DeepCopyInto(out *IssuerSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IssuerStatus ¶
type IssuerStatus struct {
// +optional
Conditions []IssuerCondition `json:"conditions,omitempty"`
}
IssuerStatus defines the observed state of Issuer
func (*IssuerStatus) DeepCopy ¶
func (in *IssuerStatus) DeepCopy() *IssuerStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IssuerStatus.
func (*IssuerStatus) DeepCopyInto ¶
func (in *IssuerStatus) DeepCopyInto(out *IssuerStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type NCMProvisioner ¶
type NCMProvisioner struct {
// MainAPI is the URL to the main NCM API.
MainAPI string `json:"mainAPI"`
// BackupAPI is the URL to the backup NCM API in case of
// the lack of connection to the main one.
// +optional
BackupAPI string `json:"backupAPI,omitempty"`
// HTTPClientTimeout is a maximum amount of time that the
// HTTP client will wait for a response from NCM API before
// aborting the request. By default, timeout is set to 10 seconds.
// +kubebuilder:default="10s"
HTTPClientTimeout metav1.Duration `json:"httpClientTimeout,omitempty"`
// HealthCheckerInterval is the time interval between each
// NCM API health check. By default, interval is set to 1 minute.
// +kubebuilder:default="1m"
HealthCheckerInterval metav1.Duration `json:"healthCheckerInterval,omitempty"`
// AuthRef is a reference to a Secret containing the credentials
// (user and password) needed for making requests to NCM API.
AuthRef *core.SecretReference `json:"authRef"`
// TLSRef is a reference to a Secret containing CA bundle used to
// verify connections to the NCM API. If the secret reference is not
// specified and selected protocol is HTTPS, InsecureSkipVerify
// will be used. Otherwise, TLS or mTLS connection will be used,
// depending on provided data.
// +optional
TLSRef *core.SecretReference `json:"tlsRef,omitempty"`
}
func (*NCMProvisioner) DeepCopy ¶
func (in *NCMProvisioner) DeepCopy() *NCMProvisioner
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NCMProvisioner.
func (*NCMProvisioner) DeepCopyInto ¶
func (in *NCMProvisioner) DeepCopyInto(out *NCMProvisioner)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ReasonType ¶
type ReasonType string
ConditionStatus represents a condition's status. +kubebuilder:validation:Enum=SecretNotFound;Verified;Error
const ( // ReasonNotFound represents the fact that secrets needed to authenticate to the NCM API do not exist in cluster ReasonNotFound ReasonType = "SecretNotFound" // ReasonVerified represents the fact that the NCM Issuer(ClusterIssuer) are configured correctly ReasonVerified ReasonType = "Verified" // ReasonError represents the fact that the NCM Issuer(ClusterIssuer) are configured not correctly and require user interaction ReasonError ReasonType = "Error" )
Source Files