providers

package
v1.1.0
Warning

This package is not in the latest version of its module.

Published: Apr 14, 2022 License: Apache-2.0 Imports: 23 Imported by: 0

Documentation

Overview

Package providers implements generic certificate provider related functionality

Constants

This section is empty.

Variables

var (
	// ValidCertificateProviders is the list of supported certificate providers
	ValidCertificateProviders = []Kind{TresorKind, VaultKind, CertManagerKind}
)

Functions

func GetCertFromKubernetes

func GetCertFromKubernetes(ns string, secretName string, kubeClient kubernetes.Interface) (*certificate.Certificate, error)

GetCertFromKubernetes is a helper function that loads a certificate from a Kubernetes secret. The function returns an error only if a secret is found with invalid data.

func GetCertificateFromSecret

func GetCertificateFromSecret(ns string, secretName string, cert *certificate.Certificate, kubeClient kubernetes.Interface) (*certificate.Certificate, error)

GetCertificateFromSecret is a helper function that ensures creation and synchronization of a certificate using Kubernetes Secrets backend and API atomicity.

func ValidateCertManagerOptions

func ValidateCertManagerOptions(options CertManagerOptions) error

ValidateCertManagerOptions validates the options for cert-manager.io certificate provider

func ValidateTresorOptions

func ValidateTresorOptions(options TresorOptions) error

ValidateTresorOptions validates the options for Tresor certificate provider

func ValidateVaultOptions

func ValidateVaultOptions(options VaultOptions) error

ValidateVaultOptions validates the options for Hashi Vault certificate provider

Types

type CertManagerOptions

type CertManagerOptions struct {
	IssuerName  string
	IssuerKind  string
	IssuerGroup string
}

CertManagerOptions is a type that specifies 'cert-manager.io' certificate provider options

type Config

type Config struct {
	// contains filtered or unexported fields
}

Config is a type that stores config related to certificate providers and implements generic utility functions

func NewCertificateProvider

func NewCertificateProvider(kubeClient kubernetes.Interface, kubeConfig *rest.Config, cfg configurator.Configurator, providerKind Kind,
	providerNamespace string, caBundleSecretName string, tresorOptions TresorOptions, vaultOptions VaultOptions,
	certManagerOptions CertManagerOptions, msgBroker *messaging.Broker) (certificate.Manager, debugger.CertificateManagerDebugger, *Config, error)

NewCertificateProvider returns a new certificate provider and associated config

func NewCertificateProviderConfig

func NewCertificateProviderConfig(kubeClient kubernetes.Interface, kubeConfig *rest.Config, cfg configurator.Configurator, providerKind Kind,
	providerNamespace string, caBundleSecretName string, tresorOptions TresorOptions, vaultOptions VaultOptions,
	certManagerOptions CertManagerOptions, msgBroker *messaging.Broker) *Config

NewCertificateProviderConfig returns a new certificate provider config

func (*Config) GetCertificateManager

func (c *Config) GetCertificateManager() (certificate.Manager, debugger.CertificateManagerDebugger, error)

GetCertificateManager returns the certificate manager/provider instance

func (*Config) Validate

func (c *Config) Validate() error

Validate validates the certificate provider config

type Kind

type Kind string

Kind specifies the certificate provider kind

const (
	// TresorKind represents Tresor, an internal package which leverages Kubernetes secrets and signs certs on the OSM pod
	TresorKind Kind = "tresor"

	// VaultKind represents Hashi Vault; OSM is pointed to an external Vault; signing of certs happens on Vault
	VaultKind Kind = "vault"

	// CertManagerKind represents cert-manager.io; certificates are requested using cert-manager
	CertManagerKind Kind = "cert-manager"
)

func (Kind) String

func (p Kind) String() string

String returns the Kind as a string

type TresorOptions

type TresorOptions struct {
}

TresorOptions is a type that specifies 'Tresor' certificate provider options

type VaultOptions

type VaultOptions struct {
	VaultProtocol string
	VaultHost     string
	VaultToken    string
	VaultRole     string
	VaultPort     int
}

VaultOptions is a type that specifies 'Hashicorp Vault' certificate provider options

Directories

Path Synopsis
Package certmanager implements the certificate.Manager interface for cert-manager.io as the certificate provider.
Package tresor implements the certificate.Manager interface for Tresor, a custom certificate provider in OSM.
Package vault implements the certificate.Manager interface for Hashicorp Vault as the certificate provider.
