trustedcabundle

package
v2.13.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 6, 2024 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Overview

Package trustedcabundle provides utility functions to create and check trusted CA bundle configmap from DSCI CRD

Index

Constants

View Source
const (
	CAConfigMapName = "odh-trusted-ca-bundle"
	CADataFieldName = "odh-ca-bundle.crt"
)

Variables

This section is empty.

Functions

func AddCABundleConfigMapInAllNamespaces

func AddCABundleConfigMapInAllNamespaces(ctx context.Context, cli client.Client, dscInit *dsci.DSCInitialization) error

when DSCI TrustedCABundle.ManagementState is set to `Managed`.

func ConfigureTrustedCABundle

func ConfigureTrustedCABundle(ctx context.Context, cli client.Client, log logr.Logger, dscInit *dsci.DSCInitialization, managementStateChanged bool) error

func CreateOdhTrustedCABundleConfigMap

func CreateOdhTrustedCABundleConfigMap(ctx context.Context, cli client.Client, namespace string, customCAData string) error

createOdhTrustedCABundleConfigMap creates a configMap 'odh-trusted-ca-bundle' in given namespace with labels and data or update existing odh-trusted-ca-bundle configmap if already exists with new content of .data.odh-ca-bundle.crt this is certificates for the cluster trusted CA Cert Bundle.

func DeleteOdhTrustedCABundleConfigMap

func DeleteOdhTrustedCABundleConfigMap(ctx context.Context, cli client.Client, namespace string) error

func HasCABundleAnnotationDisabled

func HasCABundleAnnotationDisabled(ns client.Object) bool

return true if namespace has annotation "security.opendatahub.io/inject-trusted-ca-bundle: false" return false if annotation is "true" or not set.

func IsTrustedCABundleUpdated

func IsTrustedCABundleUpdated(ctx context.Context, cli client.Client, dscInit *dsci.DSCInitialization) (bool, error)

IsTrustedCABundleUpdated check if data in CM "odh-trusted-ca-bundle" from applciation namespace matches DSCI's TrustedCABundle.CustomCABundle return false when these two are matching => skip update return true when not match => need upate.

func RemoveCABundleConfigMapInAllNamespaces

func RemoveCABundleConfigMapInAllNamespaces(ctx context.Context, cli client.Client) *multierror.Error

when DSCI TrustedCABundle.ManagementState is set to `Removed`.

func ShouldInjectTrustedBundle

func ShouldInjectTrustedBundle(ns client.Object) bool

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL