v1

package

v0.0.0-...-ff96ab4 Latest Latest Go to latest Published: Feb 6, 2025 License: Apache-2.0 Imports: 3 Imported by: 1

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/openshift/cluster-network-operator

Documentation ¶

Overview ¶

Package v1 contains API Schema definitions for the network v1 API group +k8s:deepcopy-gen=package,register +groupName=network.operator.openshift.io

Index ¶

Variables
type CertSpec
- func (in *CertSpec) DeepCopy() *CertSpec
- func (in *CertSpec) DeepCopyInto(out *CertSpec)
type OperatorPKI
type OperatorPKIList
type OperatorPKISpec
- func (in *OperatorPKISpec) DeepCopy() *OperatorPKISpec
- func (in *OperatorPKISpec) DeepCopyInto(out *OperatorPKISpec)
type OperatorPKIStatus
- func (in *OperatorPKIStatus) DeepCopy() *OperatorPKIStatus
- func (in *OperatorPKIStatus) DeepCopyInto(out *OperatorPKIStatus)

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	GroupName    = "network.operator.openshift.io"
	GroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1"}

	// Install is a function which adds this version to a scheme
	Install = schemeBuilder.AddToScheme
)

Functions ¶

This section is empty.

Types ¶

type CertSpec ¶

type CertSpec struct {
	// commonName is the value in the certificate's CN
	//
	// +kubebuilder:validation:MinLength=1
	CommonName string `json:"commonName"`
}

CertSpec defines common certificate configuration.

func (*CertSpec) DeepCopy ¶

func (in *CertSpec) DeepCopy() *CertSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertSpec.

func (*CertSpec) DeepCopyInto ¶

func (in *CertSpec) DeepCopyInto(out *CertSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type OperatorPKI ¶

type OperatorPKI struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// +kubebuilder:validation:Required
	Spec OperatorPKISpec `json:"spec"`

	Status OperatorPKIStatus `json:"status,omitempty"`
}

OperatorPKI is a simple certificate authority. It is not intended for external use - rather, it is internal to the network operator. The CNO creates a CA and a certificate signed by that CA. The certificate has both ClientAuth and ServerAuth extended usages enabled.

More specifically, given an OperatorPKI with <name>, the CNO will manage:

- A Secret called <name>-ca with two data keys:

tls.key - the private key
tls.crt - the CA certificate

- A ConfigMap called <name>-ca with a single data key:

cabundle.crt - the CA certificate(s)

- A Secret called <name>-cert with two data keys:

tls.key - the private key
tls.crt - the certificate, signed by the CA

The CA certificate will have a validity of 10 years, rotated after 9. The target certificate will have a validity of 6 months, rotated after 3

The CA certificate will have a CommonName of "<namespace>_<name>-ca@<timestamp>", where <timestamp> is the last rotation time.

+k8s:openapi-gen=true +kubebuilder:resource:path=operatorpkis,scope=Namespaced +kubebuilder:metadata:annotations=include.release.openshift.io/self-managed-high-availability=true +kubebuilder:metadata:annotations=include.release.openshift.io/ibm-cloud-managed=true

func (*OperatorPKI) DeepCopy ¶

func (in *OperatorPKI) DeepCopy() *OperatorPKI

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OperatorPKI.

func (*OperatorPKI) DeepCopyInto ¶

func (in *OperatorPKI) DeepCopyInto(out *OperatorPKI)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*OperatorPKI) DeepCopyObject ¶

func (in *OperatorPKI) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type OperatorPKIList ¶

type OperatorPKIList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []OperatorPKI `json:"items"`
}

OperatorPKIList contains a list of OperatorPKI

func (*OperatorPKIList) DeepCopy ¶

func (in *OperatorPKIList) DeepCopy() *OperatorPKIList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OperatorPKIList.

func (*OperatorPKIList) DeepCopyInto ¶

func (in *OperatorPKIList) DeepCopyInto(out *OperatorPKIList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*OperatorPKIList) DeepCopyObject ¶

func (in *OperatorPKIList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type OperatorPKISpec ¶

type OperatorPKISpec struct {
	// targetCert configures the certificate signed by the CA. It will have
	// both ClientAuth and ServerAuth enabled
	TargetCert CertSpec `json:"targetCert"`
}

OperatorPKISpec is the PKI configuration. +k8s:openapi-gen=true +kubebuilder:validation:Required

func (*OperatorPKISpec) DeepCopy ¶

func (in *OperatorPKISpec) DeepCopy() *OperatorPKISpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OperatorPKISpec.

func (*OperatorPKISpec) DeepCopyInto ¶

func (in *OperatorPKISpec) DeepCopyInto(out *OperatorPKISpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type OperatorPKIStatus ¶

type OperatorPKIStatus struct {
}

OperatorPKIStatus is not implemented.

func (*OperatorPKIStatus) DeepCopy ¶

func (in *OperatorPKIStatus) DeepCopy() *OperatorPKIStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OperatorPKIStatus.

func (*OperatorPKIStatus) DeepCopyInto ¶

func (in *OperatorPKIStatus) DeepCopyInto(out *OperatorPKIStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL