Documentation ¶
Index ¶
Constants ¶
const ( // IssuerACME is the name of the ACME issuer IssuerACME string = "acme" // IssuerCA is the name of the simple issuer IssuerCA string = "ca" // IssuerVault is the name of the Vault issuer IssuerVault string = "vault" // IssuerSelfSigned is a self signing issuer IssuerSelfSigned string = "selfsigned" )
Variables ¶
This section is empty.
Functions ¶
func Register ¶
func Register(name string, c Constructor)
Register will register an issuer constructor so it can be used within the application. 'name' should be unique, and should be used to identify this issuer. TODO: move this method to be on Factory, and invent a way to obtain a SharedFactory. This will make testing easier.
Types ¶
type Constructor ¶
type Constructor func(v1alpha1.GenericIssuer, *Context) (Interface, error)
Constructor constructs an issuer given an Issuer resource and a Context. An error will be returned if the appropriate issuer is not registered.
type Context ¶
type Context struct { // Client is a Kubernetes clientset Client kubernetes.Interface // CMClient is a cert-manager clientset CMClient clientset.Interface // Recorder is an EventRecorder to log events to Recorder record.EventRecorder // SharedIndexInformer instances for Kubernetes types KubeSharedInformerFactory kubeinformers.SharedInformerFactory // instances SharedInformerFactory informers.SharedInformerFactory // ClusterResourceNamespace is the namespace to store resources created by // non-namespaced resources (e.g. ClusterIssuer) in. ClusterResourceNamespace string // ACMEHTTP01SolverImage is the image to use for solving ACME HTTP01 // challenges ACMEHTTP01SolverImage string // ClusterIssuerAmbientCredentials controls whether a cluster issuer should // pick up ambient credentials, such as those from metadata services, to // construct clients. ClusterIssuerAmbientCredentials bool // IssuerAmbientCredentials controls whether an issuer should pick up ambient // credentials, such as those from metadata services, to construct clients. IssuerAmbientCredentials bool DNS01Nameservers []string // RenewBeforeExpiryDuration is the default 'renew before expiry' time for Certificates. // Once a certificate is within this duration until expiry, a new Certificate // will be attempted to be issued. RenewBeforeExpiryDuration time.Duration }
Context contains various types that are used by Issuer implementations. We purposely don't have specific informers/listers here, and instead keep a reference to a SharedInformerFactory so that issuer constructors can choose themselves which listers are required.
type Factory ¶
type Factory interface {
IssuerFor(v1alpha1.GenericIssuer) (Interface, error)
}
Factory is an interface that can be used to obtain Issuer implementations. It determines which issuer implementation to use by introspecting the given Issuer resource.
func NewFactory ¶
NewFactory returns a new issuer factory with the given issuer context. The context will be injected into each Issuer upon creation.
type Interface ¶
type Interface interface { // Setup initialises the issuer. This may include registering accounts with // a service, creating a CA and storing it somewhere, or verifying // credentials and authorization with a remote server. Setup(ctx context.Context) error // Prepare Prepare(context.Context, *v1alpha1.Certificate) error // Issue attempts to issue a certificate as described by the certificate // resource given Issue(context.Context, *v1alpha1.Certificate) ([]byte, []byte, error) // Renew attempts to renew the certificate describe by the certificate // resource given. If no certificate exists, an error is returned. Renew(context.Context, *v1alpha1.Certificate) ([]byte, []byte, error) }
Directories ¶
Path | Synopsis |
---|---|
dns/akamai
Package akamai implements a DNS provider for solving the DNS-01 challenge using Akamai FastDNS.
|
Package akamai implements a DNS provider for solving the DNS-01 challenge using Akamai FastDNS. |
dns/azuredns
Package azuredns implements a DNS provider for solving the DNS-01 challenge using Azure DNS.
|
Package azuredns implements a DNS provider for solving the DNS-01 challenge using Azure DNS. |
dns/clouddns
Package clouddns implements a DNS provider for solving the DNS-01 challenge using Google Cloud DNS.
|
Package clouddns implements a DNS provider for solving the DNS-01 challenge using Google Cloud DNS. |
dns/cloudflare
Package cloudflare implements a DNS provider for solving the DNS-01 challenge using cloudflare DNS.
|
Package cloudflare implements a DNS provider for solving the DNS-01 challenge using cloudflare DNS. |
dns/route53
Package route53 implements a DNS provider for solving the DNS-01 challenge using AWS Route 53 DNS.
|
Package route53 implements a DNS provider for solving the DNS-01 challenge using AWS Route 53 DNS. |