Documentation
¶
Overview ¶
Package certgen contains the code that handles the `certgen` subcommand for the main `contour` binary.
Index ¶
- func NewCA(cn string, expiry time.Time) ([]byte, []byte, error)
- func NewCert(caCertPEM, caKeyPEM []byte, expiry time.Time, service, namespace string) ([]byte, []byte, error)
- func WriteCertsPEM(outputDir string, certdata map[string][]byte) error
- func WriteSecretsKube(client *kubernetes.Clientset, namespace string, certdata map[string][]byte) error
- func WriteSecretsYAML(outputDir, namespace string, certdata map[string][]byte) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewCA ¶
NewCA generates a new CA, given the CA's CN and an expiry time. The return order is cacert, cakey, error.
func NewCert ¶
func NewCert(caCertPEM, caKeyPEM []byte, expiry time.Time, service, namespace string) ([]byte, []byte, error)
NewCert generates a new keypair given the CA keypair, the expiry time, the service name ("contour" or "envoy"), and the Kubernetes namespace the service will run in (because of the Kubernetes DNS schema.) The return values are cert, key, err.
func WriteCertsPEM ¶
WriteCertsPEM writes out all the certs in certdata to individual PEM files in outputDir
func WriteSecretsKube ¶
func WriteSecretsKube(client *kubernetes.Clientset, namespace string, certdata map[string][]byte) error
WriteSecretsKube writes all the keypairs out to Kube Secrets in the passed Kube context.
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.