Documentation ¶
Index ¶
Constants ¶
View Source
const ( // ServingCertSecretAnnotation stores the name of the secret to generate into. ServingCertSecretAnnotation = "service.alpha.openshift.io/serving-cert-secret-name" // ServingCertCreatedByAnnotation stores the of the signer common name. This could be used later to see if the // services need to have the the serving certs regenerated. The presence and matching of this annotation prevents // regeneration ServingCertCreatedByAnnotation = "service.alpha.openshift.io/serving-cert-signed-by" // ServingCertErrorAnnotation stores the error that caused cert generation failures. ServingCertErrorAnnotation = "service.alpha.openshift.io/serving-cert-generation-error" // ServingCertErrorNumAnnotation stores how many consecutive errors we've hit. A value of the maxRetries will prevent // the controller from reattempting until it is cleared. ServingCertErrorNumAnnotation = "service.alpha.openshift.io/serving-cert-generation-error-num" // ServiceUIDAnnotation is an annotation on a secret that indicates which service created it, by UID ServiceUIDAnnotation = "service.alpha.openshift.io/originating-service-uid" // ServiceNameAnnotation is an annotation on a secret that indicates which service created it, by Name to allow reverse lookups on services // for comparison against UIDs ServiceNameAnnotation = "service.alpha.openshift.io/originating-service-name" // ServingCertExpiryAnnotation is an annotation that holds the expiry time of the certificate. It accepts time in the // RFC3339 format: 2018-11-29T17:44:39Z ServingCertExpiryAnnotation = "service.alpha.openshift.io/expiry" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ServiceServingCertController ¶
type ServiceServingCertController struct {
// contains filtered or unexported fields
}
ServiceServingCertController is responsible for synchronizing Service objects stored in the system with actual running replica sets and pods.
func NewServiceServingCertController ¶
func NewServiceServingCertController(services informers.ServiceInformer, secrets informers.SecretInformer, serviceClient kcoreclient.ServicesGetter, secretClient kcoreclient.SecretsGetter, ca *crypto.CA, dnsSuffix string, resyncInterval time.Duration) *ServiceServingCertController
NewServiceServingCertController creates a new ServiceServingCertController. TODO this should accept a shared informer
func (*ServiceServingCertController) Run ¶
func (sc *ServiceServingCertController) Run(workers int, stopCh <-chan struct{})
Run begins watching and syncing.
type ServiceServingCertUpdateController ¶
type ServiceServingCertUpdateController struct {
// contains filtered or unexported fields
}
ServiceServingCertUpdateController is responsible for synchronizing Service objects stored in the system with actual running replica sets and pods.
func NewServiceServingCertUpdateController ¶
func NewServiceServingCertUpdateController(services informers.ServiceInformer, secrets informers.SecretInformer, secretClient kcoreclient.SecretsGetter, ca *crypto.CA, dnsSuffix string, resyncInterval time.Duration) *ServiceServingCertUpdateController
NewServiceServingCertUpdateController creates a new ServiceServingCertUpdateController. TODO this should accept a shared informer
func (*ServiceServingCertUpdateController) Run ¶
func (sc *ServiceServingCertUpdateController) Run(workers int, stopCh <-chan struct{})
Run begins watching and syncing.
type ServingCertOptions ¶
type ServingCertOptions struct {
Config *servicecertsignerv1alpha1.ServiceServingCertSignerConfig
}
func (*ServingCertOptions) RunServingCert ¶
func (o *ServingCertOptions) RunServingCert(clientConfig *rest.Config, stopCh <-chan struct{}) error
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
Package extensions defines cryptographic extensions for OpenShift.
|
Package extensions defines cryptographic extensions for OpenShift. |
Click to show internal directories.
Click to hide internal directories.