v1alpha2

package
v0.10.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 1, 2020 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Overview

Package v1alpha2 contains API Schema definitions for the certificates.mesh.gloo.solo.io v1alpha2 API group +k8s:deepcopy-gen=package,register +groupName=certificates.mesh.gloo.solo.io

NOTE: Boilerplate only. Ignore this file. Used to register the Go types with the Kubernetes internal scheme

Definitions for the Kubernetes types

Definitions for the Kubernetes types

Index

Constants

This section is empty.

Variables

View Source 
var (
	// SchemeGroupVersion is group version used to register these objects
	SchemeGroupVersion = schema.GroupVersion{Group: "certificates.mesh.gloo.solo.io", Version: "v1alpha2"}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion}
)
View Source 
var CertificateRequestStatus_State_name = map[int32]string{
	0: "PENDING",
	1: "FINISHED",
	2: "FAILED",
}
View Source 
var CertificateRequestStatus_State_value = map[string]int32{
	"PENDING":  0,
	"FINISHED": 1,
	"FAILED":   2,
}
View Source 
var IssuedCertificateStatus_State_name = map[int32]string{
	0: "PENDING",
	1: "REQUESTED",
	2: "ISSUED",
	3: "FINISHED",
	4: "FAILED",
}
View Source 
var IssuedCertificateStatus_State_value = map[string]int32{
	"PENDING":   0,
	"REQUESTED": 1,
	"ISSUED":    2,
	"FINISHED":  3,
	"FAILED":    4,
}

Functions

func AddToScheme 

func AddToScheme(s *runtime.Scheme) error

func NewCertificateRequestClient 

func NewCertificateRequestClient(client client.Client) *certificateRequestClient

func NewIssuedCertificateClient 

func NewIssuedCertificateClient(client client.Client) *issuedCertificateClient

func NewPodBounceDirectiveClient 

func NewPodBounceDirectiveClient(client client.Client) *podBounceDirectiveClient

func Resource 

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group qualified GroupResource

Types

type CertificateRequest 

type CertificateRequest struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   CertificateRequestSpec   `json:"spec,omitempty"`
	Status CertificateRequestStatus `json:"status,omitempty"`
}

CertificateRequest is the Schema for the certificateRequest API

func (*CertificateRequest) DeepCopy 

func (in *CertificateRequest) DeepCopy() *CertificateRequest

func (*CertificateRequest) DeepCopyInto 

func (in *CertificateRequest) DeepCopyInto(out *CertificateRequest)

func (*CertificateRequest) DeepCopyObject 

func (in *CertificateRequest) DeepCopyObject() runtime.Object

type CertificateRequestClient 

type CertificateRequestClient interface {
	CertificateRequestReader
	CertificateRequestWriter
	CertificateRequestStatusWriter
}

Client knows how to perform CRUD operations on CertificateRequests.

type CertificateRequestList 

type CertificateRequestList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []CertificateRequest `json:"items"`
}

CertificateRequestList contains a list of CertificateRequest

func (*CertificateRequestList) DeepCopy 

func (in *CertificateRequestList) DeepCopy() *CertificateRequestList

func (*CertificateRequestList) DeepCopyInto 

func (in *CertificateRequestList) DeepCopyInto(out *CertificateRequestList)

func (*CertificateRequestList) DeepCopyObject 

func (in *CertificateRequestList) DeepCopyObject() runtime.Object

type CertificateRequestReader 

type CertificateRequestReader interface {
	// Get retrieves a CertificateRequest for the given object key
	GetCertificateRequest(ctx context.Context, key client.ObjectKey) (*CertificateRequest, error)

	// List retrieves list of CertificateRequests for a given namespace and list options.
	ListCertificateRequest(ctx context.Context, opts ...client.ListOption) (*CertificateRequestList, error)
}

Reader knows how to read and list CertificateRequests.

type CertificateRequestSlice 

type CertificateRequestSlice []*CertificateRequest

CertificateRequestSlice represents a slice of *CertificateRequest

type CertificateRequestSpec 

type CertificateRequestSpec struct {
	// Base64-encoded data for the PKCS#10 Certificate Signing Request issued
	// by the CertificateRequesting Agent deployed in the managed cluster, corresponding
	// to the IssuedRequest received by the CertificateRequesting Agent.
	CertificateSigningRequest []byte   `` /* 138-byte string literal not displayed */
	XXX_NoUnkeyedLiteral      struct{} `json:"-"`
	XXX_unrecognized          []byte   `json:"-"`
	XXX_sizecache             int32    `json:"-"`
}

CertificateRequests are generated by the CertificateRequesting Agent installed on managed clusters. They are used to request a signed certificate from Gloo Mesh based on a private key generated by the Agent (which never leaves the managed cluster).

When Gloo Mesh creates an IssuedCertificate on a managed cluster, the local CertificateRequesting Agent will generate a CertificateRequest corresponding to it.

Gloo Mesh will then process the Certificate Signing Request contained in the CertificateRequestSpec and write the signed SSL certificate back as a secret in the managed cluster, and update the CertificateRequest Status to point to that secret.

func (*CertificateRequestSpec) DeepCopyInto 

func (in *CertificateRequestSpec) DeepCopyInto(out *CertificateRequestSpec)

DeepCopyInto for the CertificateRequest.Spec

func (*CertificateRequestSpec) Descriptor 

func (*CertificateRequestSpec) Descriptor() ([]byte, []int)

func (*CertificateRequestSpec) Equal 

func (this *CertificateRequestSpec) Equal(that interface{}) bool

func (*CertificateRequestSpec) GetCertificateSigningRequest 

func (m *CertificateRequestSpec) GetCertificateSigningRequest() []byte

func (*CertificateRequestSpec) MarshalJSON 

func (this *CertificateRequestSpec) MarshalJSON() ([]byte, error)

MarshalJSON is a custom marshaler for CertificateRequestSpec

func (*CertificateRequestSpec) ProtoMessage 

func (*CertificateRequestSpec) ProtoMessage()

func (*CertificateRequestSpec) Reset 

func (m *CertificateRequestSpec) Reset()

func (*CertificateRequestSpec) String 

func (m *CertificateRequestSpec) String() string

func (*CertificateRequestSpec) UnmarshalJSON 

func (this *CertificateRequestSpec) UnmarshalJSON(b []byte) error

UnmarshalJSON is a custom unmarshaler for CertificateRequestSpec

func (*CertificateRequestSpec) XXX_DiscardUnknown 

func (m *CertificateRequestSpec) XXX_DiscardUnknown()

func (*CertificateRequestSpec) XXX_Marshal 

func (m *CertificateRequestSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*CertificateRequestSpec) XXX_Merge 

func (m *CertificateRequestSpec) XXX_Merge(src proto.Message)

func (*CertificateRequestSpec) XXX_Size 

func (m *CertificateRequestSpec) XXX_Size() int

func (*CertificateRequestSpec) XXX_Unmarshal 

func (m *CertificateRequestSpec) XXX_Unmarshal(b []byte) error

type CertificateRequestStatus 

type CertificateRequestStatus struct {
	// The most recent generation observed in the the CertificateRequest metadata.
	// If the observedGeneration does not match generation, the CA has not processed the most
	// recent version of this request.
	ObservedGeneration int64 `protobuf:"varint,1,opt,name=observed_generation,json=observedGeneration,proto3" json:"observed_generation,omitempty"`
	// Any error observed which prevented the CertificateRequest from being processed.
	// If the error is empty, the request has been processed successfully
	Error string `protobuf:"bytes,2,opt,name=error,proto3" json:"error,omitempty"`
	// The current state of the CertificateRequest workflow reported by the Issuer.
	State CertificateRequestStatus_State `` /* 131-byte string literal not displayed */
	// The signed intermediate certificate issued by the CA.
	SignedCertificate []byte `protobuf:"bytes,4,opt,name=signed_certificate,json=signedCertificate,proto3" json:"signed_certificate,omitempty"`
	// The root CA used by the CA to sign the certificate.
	SigningRootCa        []byte   `protobuf:"bytes,5,opt,name=signing_root_ca,json=signingRootCa,proto3" json:"signing_root_ca,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*CertificateRequestStatus) DeepCopyInto 

func (in *CertificateRequestStatus) DeepCopyInto(out *CertificateRequestStatus)

DeepCopyInto for the CertificateRequest.Status

func (*CertificateRequestStatus) Descriptor 

func (*CertificateRequestStatus) Descriptor() ([]byte, []int)

func (*CertificateRequestStatus) Equal 

func (this *CertificateRequestStatus) Equal(that interface{}) bool

func (*CertificateRequestStatus) GetError 

func (m *CertificateRequestStatus) GetError() string

func (*CertificateRequestStatus) GetObservedGeneration 

func (m *CertificateRequestStatus) GetObservedGeneration() int64

func (*CertificateRequestStatus) GetSignedCertificate 

func (m *CertificateRequestStatus) GetSignedCertificate() []byte

func (*CertificateRequestStatus) GetSigningRootCa 

func (m *CertificateRequestStatus) GetSigningRootCa() []byte

func (*CertificateRequestStatus) GetState 

func (m *CertificateRequestStatus) GetState() CertificateRequestStatus_State

func (*CertificateRequestStatus) MarshalJSON 

func (this *CertificateRequestStatus) MarshalJSON() ([]byte, error)

MarshalJSON is a custom marshaler for CertificateRequestStatus

func (*CertificateRequestStatus) ProtoMessage 

func (*CertificateRequestStatus) ProtoMessage()

func (*CertificateRequestStatus) Reset 

func (m *CertificateRequestStatus) Reset()

func (*CertificateRequestStatus) String 

func (m *CertificateRequestStatus) String() string

func (*CertificateRequestStatus) UnmarshalJSON 

func (this *CertificateRequestStatus) UnmarshalJSON(b []byte) error

UnmarshalJSON is a custom unmarshaler for CertificateRequestStatus

func (*CertificateRequestStatus) XXX_DiscardUnknown 

func (m *CertificateRequestStatus) XXX_DiscardUnknown()

func (*CertificateRequestStatus) XXX_Marshal 

func (m *CertificateRequestStatus) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*CertificateRequestStatus) XXX_Merge 

func (m *CertificateRequestStatus) XXX_Merge(src proto.Message)

func (*CertificateRequestStatus) XXX_Size 

func (m *CertificateRequestStatus) XXX_Size() int

func (*CertificateRequestStatus) XXX_Unmarshal 

func (m *CertificateRequestStatus) XXX_Unmarshal(b []byte) error

type CertificateRequestStatusWriter 

type CertificateRequestStatusWriter interface {
	// Update updates the fields corresponding to the status subresource for the
	// given CertificateRequest object.
	UpdateCertificateRequestStatus(ctx context.Context, obj *CertificateRequest, opts ...client.UpdateOption) error

	// Patch patches the given CertificateRequest object's subresource.
	PatchCertificateRequestStatus(ctx context.Context, obj *CertificateRequest, patch client.Patch, opts ...client.PatchOption) error
}

StatusWriter knows how to update status subresource of a CertificateRequest object.

type CertificateRequestStatus_State 

type CertificateRequestStatus_State int32

Possible states in which a CertificateRequest can exist. 

const (
	// The CertificateRequest has yet to be picked up by the issuer.
	CertificateRequestStatus_PENDING CertificateRequestStatus_State = 0
	// The Issuer has replied to the request and the signedCertificate and SigningRootCa
	// status fields will be populated.
	CertificateRequestStatus_FINISHED CertificateRequestStatus_State = 1
	// Processing the certificate workflow failed.
	CertificateRequestStatus_FAILED CertificateRequestStatus_State = 2
)

func (CertificateRequestStatus_State) EnumDescriptor 

func (CertificateRequestStatus_State) EnumDescriptor() ([]byte, []int)

func (CertificateRequestStatus_State) String 

func (x CertificateRequestStatus_State) String() string

type CertificateRequestTransitionFunction 

type CertificateRequestTransitionFunction func(existing, desired *CertificateRequest) error

CertificateRequestTransitionFunction instructs the CertificateRequestWriter how to transition between an existing CertificateRequest object and a desired on an Upsert

type CertificateRequestWriter 

type CertificateRequestWriter interface {
	// Create saves the CertificateRequest object.
	CreateCertificateRequest(ctx context.Context, obj *CertificateRequest, opts ...client.CreateOption) error

	// Delete deletes the CertificateRequest object.
	DeleteCertificateRequest(ctx context.Context, key client.ObjectKey, opts ...client.DeleteOption) error

	// Update updates the given CertificateRequest object.
	UpdateCertificateRequest(ctx context.Context, obj *CertificateRequest, opts ...client.UpdateOption) error

	// Patch patches the given CertificateRequest object.
	PatchCertificateRequest(ctx context.Context, obj *CertificateRequest, patch client.Patch, opts ...client.PatchOption) error

	// DeleteAllOf deletes all CertificateRequest objects matching the given options.
	DeleteAllOfCertificateRequest(ctx context.Context, opts ...client.DeleteAllOfOption) error

	// Create or Update the CertificateRequest object.
	UpsertCertificateRequest(ctx context.Context, obj *CertificateRequest, transitionFuncs ...CertificateRequestTransitionFunction) error
}

Writer knows how to create, delete, and update CertificateRequests.

type Clientset 

type Clientset interface {
	// clienset for the certificates.mesh.gloo.solo.io/v1alpha2/v1alpha2 APIs
	IssuedCertificates() IssuedCertificateClient
	// clienset for the certificates.mesh.gloo.solo.io/v1alpha2/v1alpha2 APIs
	CertificateRequests() CertificateRequestClient
	// clienset for the certificates.mesh.gloo.solo.io/v1alpha2/v1alpha2 APIs
	PodBounceDirectives() PodBounceDirectiveClient
}

clienset for the certificates.mesh.gloo.solo.io/v1alpha2 APIs

func NewClientset 

func NewClientset(client client.Client) Clientset

func NewClientsetFromConfig 

func NewClientsetFromConfig(cfg *rest.Config) (Clientset, error)

type IssuedCertificate 

type IssuedCertificate struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   IssuedCertificateSpec   `json:"spec,omitempty"`
	Status IssuedCertificateStatus `json:"status,omitempty"`
}

IssuedCertificate is the Schema for the issuedCertificate API

func (*IssuedCertificate) DeepCopy 

func (in *IssuedCertificate) DeepCopy() *IssuedCertificate

func (*IssuedCertificate) DeepCopyInto 

func (in *IssuedCertificate) DeepCopyInto(out *IssuedCertificate)

func (*IssuedCertificate) DeepCopyObject 

func (in *IssuedCertificate) DeepCopyObject() runtime.Object

type IssuedCertificateClient 

type IssuedCertificateClient interface {
	IssuedCertificateReader
	IssuedCertificateWriter
	IssuedCertificateStatusWriter
}

Client knows how to perform CRUD operations on IssuedCertificates.

type IssuedCertificateList 

type IssuedCertificateList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []IssuedCertificate `json:"items"`
}

IssuedCertificateList contains a list of IssuedCertificate

func (*IssuedCertificateList) DeepCopy 

func (in *IssuedCertificateList) DeepCopy() *IssuedCertificateList

func (*IssuedCertificateList) DeepCopyInto 

func (in *IssuedCertificateList) DeepCopyInto(out *IssuedCertificateList)

func (*IssuedCertificateList) DeepCopyObject 

func (in *IssuedCertificateList) DeepCopyObject() runtime.Object

type IssuedCertificateReader 

type IssuedCertificateReader interface {
	// Get retrieves a IssuedCertificate for the given object key
	GetIssuedCertificate(ctx context.Context, key client.ObjectKey) (*IssuedCertificate, error)

	// List retrieves list of IssuedCertificates for a given namespace and list options.
	ListIssuedCertificate(ctx context.Context, opts ...client.ListOption) (*IssuedCertificateList, error)
}

Reader knows how to read and list IssuedCertificates.

type IssuedCertificateSlice 

type IssuedCertificateSlice []*IssuedCertificate

IssuedCertificateSlice represents a slice of *IssuedCertificate

type IssuedCertificateSpec 

type IssuedCertificateSpec struct {
	//
	//A list of hostnames and IPs to generate a certificate for.
	//This can also be set to the identity running the workload,
	//e.g. a Kubernetes service account.
	//
	//Generally for an Istio CA this will take the form `spiffe://cluster.local/ns/istio-system/sa/citadel`.
	//
	//"cluster.local" may be replaced by the root of trust domain for the mesh.
	Hosts []string `protobuf:"bytes,1,rep,name=hosts,proto3" json:"hosts,omitempty"`
	// The organization for this certificate.
	Org string `protobuf:"bytes,2,opt,name=org,proto3" json:"org,omitempty"`
	// The secret containing the root SSL certificate used to sign this IssuedCertificate (located in the Certificate Issuer's cluster).
	SigningCertificateSecret *v1.ObjectRef `` /* 135-byte string literal not displayed */
	// The secret containing the SSL certificate to be generated for this IssuedCertificate (located in the Certificate Agent's cluster).
	IssuedCertificateSecret *v1.ObjectRef `` /* 132-byte string literal not displayed */
	// A ref to a PodBounceDirective specifying a list of k8s pods to bounce
	// (delete and cause a restart) when the certificate is issued.
	// This will include the control plane pods as well as any pods
	// which share a data plane with the target mesh.
	PodBounceDirective   *v1.ObjectRef `protobuf:"bytes,5,opt,name=pod_bounce_directive,json=podBounceDirective,proto3" json:"pod_bounce_directive,omitempty"`
	XXX_NoUnkeyedLiteral struct{}      `json:"-"`
	XXX_unrecognized     []byte        `json:"-"`
	XXX_sizecache        int32         `json:"-"`
}

IssuedCertificates are used to issue SSL certificates to remote Kubernetes clusters from a central (out-of-cluster) Certificate Authority.

When an IssuedCertificate is created, a certificate is issued to a remote cluster by a central Certificate Authority via the following workflow: - The Certificate Issuer creates the IssuedCertificate resource on the remote cluster - The Certificate Signature Requesting Agent installed to the remote cluster generates a Certificate Signing Request and writes it to the status of the IssuedCertificate - Finally, the Certificate Issuer generates signed a certificate for the CSR and writes it back as Secret in the remote cluster.

Shared trust can therefore be established across clusters without requiring private keys to ever leave the node.

func (*IssuedCertificateSpec) DeepCopyInto 

func (in *IssuedCertificateSpec) DeepCopyInto(out *IssuedCertificateSpec)

DeepCopyInto for the IssuedCertificate.Spec

func (*IssuedCertificateSpec) Descriptor 

func (*IssuedCertificateSpec) Descriptor() ([]byte, []int)

func (*IssuedCertificateSpec) Equal 

func (this *IssuedCertificateSpec) Equal(that interface{}) bool

func (*IssuedCertificateSpec) GetHosts 

func (m *IssuedCertificateSpec) GetHosts() []string

func (*IssuedCertificateSpec) GetIssuedCertificateSecret 

func (m *IssuedCertificateSpec) GetIssuedCertificateSecret() *v1.ObjectRef

func (*IssuedCertificateSpec) GetOrg 

func (m *IssuedCertificateSpec) GetOrg() string

func (*IssuedCertificateSpec) GetPodBounceDirective 

func (m *IssuedCertificateSpec) GetPodBounceDirective() *v1.ObjectRef

func (*IssuedCertificateSpec) GetSigningCertificateSecret 

func (m *IssuedCertificateSpec) GetSigningCertificateSecret() *v1.ObjectRef

func (*IssuedCertificateSpec) MarshalJSON 

func (this *IssuedCertificateSpec) MarshalJSON() ([]byte, error)

MarshalJSON is a custom marshaler for IssuedCertificateSpec

func (*IssuedCertificateSpec) ProtoMessage 

func (*IssuedCertificateSpec) ProtoMessage()

func (*IssuedCertificateSpec) Reset 

func (m *IssuedCertificateSpec) Reset()

func (*IssuedCertificateSpec) String 

func (m *IssuedCertificateSpec) String() string

func (*IssuedCertificateSpec) UnmarshalJSON 

func (this *IssuedCertificateSpec) UnmarshalJSON(b []byte) error

UnmarshalJSON is a custom unmarshaler for IssuedCertificateSpec

func (*IssuedCertificateSpec) XXX_DiscardUnknown 

func (m *IssuedCertificateSpec) XXX_DiscardUnknown()

func (*IssuedCertificateSpec) XXX_Marshal 

func (m *IssuedCertificateSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*IssuedCertificateSpec) XXX_Merge 

func (m *IssuedCertificateSpec) XXX_Merge(src proto.Message)

func (*IssuedCertificateSpec) XXX_Size 

func (m *IssuedCertificateSpec) XXX_Size() int

func (*IssuedCertificateSpec) XXX_Unmarshal 

func (m *IssuedCertificateSpec) XXX_Unmarshal(b []byte) error

type IssuedCertificateStatus 

type IssuedCertificateStatus struct {
	// The most recent generation observed in the the IssuedCertificate metadata.
	// If the observedGeneration does not match generation, the Certificate Requesting Agent has not processed the most
	// recent version of this IssuedCertificate.
	ObservedGeneration int64 `protobuf:"varint,1,opt,name=observed_generation,json=observedGeneration,proto3" json:"observed_generation,omitempty"`
	// Any error observed which prevented the CertificateRequest from being processed.
	// If the error is empty, the request has been processed successfully.
	Error string `protobuf:"bytes,2,opt,name=error,proto3" json:"error,omitempty"`
	// The current state of the IssuedCertificate workflow, reported by the agent.
	State                IssuedCertificateStatus_State `` /* 130-byte string literal not displayed */
	XXX_NoUnkeyedLiteral struct{}                      `json:"-"`
	XXX_unrecognized     []byte                        `json:"-"`
	XXX_sizecache        int32                         `json:"-"`
}

The IssuedCertificate status is written by the CertificateRequesting agent.

func (*IssuedCertificateStatus) DeepCopyInto 

func (in *IssuedCertificateStatus) DeepCopyInto(out *IssuedCertificateStatus)

DeepCopyInto for the IssuedCertificate.Status

func (*IssuedCertificateStatus) Descriptor 

func (*IssuedCertificateStatus) Descriptor() ([]byte, []int)

func (*IssuedCertificateStatus) Equal 

func (this *IssuedCertificateStatus) Equal(that interface{}) bool

func (*IssuedCertificateStatus) GetError 

func (m *IssuedCertificateStatus) GetError() string

func (*IssuedCertificateStatus) GetObservedGeneration 

func (m *IssuedCertificateStatus) GetObservedGeneration() int64

func (*IssuedCertificateStatus) GetState 

func (m *IssuedCertificateStatus) GetState() IssuedCertificateStatus_State

func (*IssuedCertificateStatus) MarshalJSON 

func (this *IssuedCertificateStatus) MarshalJSON() ([]byte, error)

MarshalJSON is a custom marshaler for IssuedCertificateStatus

func (*IssuedCertificateStatus) ProtoMessage 

func (*IssuedCertificateStatus) ProtoMessage()

func (*IssuedCertificateStatus) Reset 

func (m *IssuedCertificateStatus) Reset()

func (*IssuedCertificateStatus) String 

func (m *IssuedCertificateStatus) String() string

func (*IssuedCertificateStatus) UnmarshalJSON 

func (this *IssuedCertificateStatus) UnmarshalJSON(b []byte) error

UnmarshalJSON is a custom unmarshaler for IssuedCertificateStatus

func (*IssuedCertificateStatus) XXX_DiscardUnknown 

func (m *IssuedCertificateStatus) XXX_DiscardUnknown()

func (*IssuedCertificateStatus) XXX_Marshal 

func (m *IssuedCertificateStatus) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*IssuedCertificateStatus) XXX_Merge 

func (m *IssuedCertificateStatus) XXX_Merge(src proto.Message)

func (*IssuedCertificateStatus) XXX_Size 

func (m *IssuedCertificateStatus) XXX_Size() int

func (*IssuedCertificateStatus) XXX_Unmarshal 

func (m *IssuedCertificateStatus) XXX_Unmarshal(b []byte) error

type IssuedCertificateStatusWriter 

type IssuedCertificateStatusWriter interface {
	// Update updates the fields corresponding to the status subresource for the
	// given IssuedCertificate object.
	UpdateIssuedCertificateStatus(ctx context.Context, obj *IssuedCertificate, opts ...client.UpdateOption) error

	// Patch patches the given IssuedCertificate object's subresource.
	PatchIssuedCertificateStatus(ctx context.Context, obj *IssuedCertificate, patch client.Patch, opts ...client.PatchOption) error
}

StatusWriter knows how to update status subresource of a IssuedCertificate object.

type IssuedCertificateStatus_State 

type IssuedCertificateStatus_State int32

Possible states in which an IssuedCertificate can exist. 

const (
	// The IssuedCertificate has yet to be picked up by the agent.
	IssuedCertificateStatus_PENDING IssuedCertificateStatus_State = 0
	// The agent has created a local private key
	// and a CertificateRequest for the IssuedCertificate.
	// In this state, the agent is waiting for the Issuer
	// to issue certificates for the CertificateRequest before proceeding.
	IssuedCertificateStatus_REQUESTED IssuedCertificateStatus_State = 1
	// The certificate has been issued. Any pods that require restarting will be restarted at this point.
	IssuedCertificateStatus_ISSUED IssuedCertificateStatus_State = 2
	// The reply from the Issuer has been processed and
	// the agent has placed the final certificate secret
	// in the target location specified by the IssuedCertificate.
	IssuedCertificateStatus_FINISHED IssuedCertificateStatus_State = 3
	// Processing the certificate workflow failed.
	IssuedCertificateStatus_FAILED IssuedCertificateStatus_State = 4
)

func (IssuedCertificateStatus_State) EnumDescriptor 

func (IssuedCertificateStatus_State) EnumDescriptor() ([]byte, []int)

func (IssuedCertificateStatus_State) String 

func (x IssuedCertificateStatus_State) String() string

type IssuedCertificateTransitionFunction 

type IssuedCertificateTransitionFunction func(existing, desired *IssuedCertificate) error

IssuedCertificateTransitionFunction instructs the IssuedCertificateWriter how to transition between an existing IssuedCertificate object and a desired on an Upsert

type IssuedCertificateWriter 

type IssuedCertificateWriter interface {
	// Create saves the IssuedCertificate object.
	CreateIssuedCertificate(ctx context.Context, obj *IssuedCertificate, opts ...client.CreateOption) error

	// Delete deletes the IssuedCertificate object.
	DeleteIssuedCertificate(ctx context.Context, key client.ObjectKey, opts ...client.DeleteOption) error

	// Update updates the given IssuedCertificate object.
	UpdateIssuedCertificate(ctx context.Context, obj *IssuedCertificate, opts ...client.UpdateOption) error

	// Patch patches the given IssuedCertificate object.
	PatchIssuedCertificate(ctx context.Context, obj *IssuedCertificate, patch client.Patch, opts ...client.PatchOption) error

	// DeleteAllOf deletes all IssuedCertificate objects matching the given options.
	DeleteAllOfIssuedCertificate(ctx context.Context, opts ...client.DeleteAllOfOption) error

	// Create or Update the IssuedCertificate object.
	UpsertIssuedCertificate(ctx context.Context, obj *IssuedCertificate, transitionFuncs ...IssuedCertificateTransitionFunction) error
}

Writer knows how to create, delete, and update IssuedCertificates.

type MulticlusterCertificateRequestClient 

type MulticlusterCertificateRequestClient interface {
	// Cluster returns a CertificateRequestClient for the given cluster
	Cluster(cluster string) (CertificateRequestClient, error)
}

Provides CertificateRequestClients for multiple clusters.

func NewMulticlusterCertificateRequestClient 

func NewMulticlusterCertificateRequestClient(client multicluster.Client) MulticlusterCertificateRequestClient

type MulticlusterClientset 

type MulticlusterClientset interface {
	// Cluster returns a Clientset for the given cluster
	Cluster(cluster string) (Clientset, error)
}

MulticlusterClientset for the certificates.mesh.gloo.solo.io/v1alpha2 APIs

func NewMulticlusterClientset 

func NewMulticlusterClientset(client multicluster.Client) MulticlusterClientset

type MulticlusterIssuedCertificateClient 

type MulticlusterIssuedCertificateClient interface {
	// Cluster returns a IssuedCertificateClient for the given cluster
	Cluster(cluster string) (IssuedCertificateClient, error)
}

Provides IssuedCertificateClients for multiple clusters.

func NewMulticlusterIssuedCertificateClient 

func NewMulticlusterIssuedCertificateClient(client multicluster.Client) MulticlusterIssuedCertificateClient

type MulticlusterPodBounceDirectiveClient 

type MulticlusterPodBounceDirectiveClient interface {
	// Cluster returns a PodBounceDirectiveClient for the given cluster
	Cluster(cluster string) (PodBounceDirectiveClient, error)
}

Provides PodBounceDirectiveClients for multiple clusters.

func NewMulticlusterPodBounceDirectiveClient 

func NewMulticlusterPodBounceDirectiveClient(client multicluster.Client) MulticlusterPodBounceDirectiveClient

type PodBounceDirective 

type PodBounceDirective struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec PodBounceDirectiveSpec `json:"spec,omitempty"`
}

PodBounceDirective is the Schema for the podBounceDirective API

func (*PodBounceDirective) DeepCopy 

func (in *PodBounceDirective) DeepCopy() *PodBounceDirective

func (*PodBounceDirective) DeepCopyInto 

func (in *PodBounceDirective) DeepCopyInto(out *PodBounceDirective)

func (*PodBounceDirective) DeepCopyObject 

func (in *PodBounceDirective) DeepCopyObject() runtime.Object

type PodBounceDirectiveClient 

type PodBounceDirectiveClient interface {
	PodBounceDirectiveReader
	PodBounceDirectiveWriter
	PodBounceDirectiveStatusWriter
}

Client knows how to perform CRUD operations on PodBounceDirectives.

type PodBounceDirectiveList 

type PodBounceDirectiveList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []PodBounceDirective `json:"items"`
}

PodBounceDirectiveList contains a list of PodBounceDirective

func (*PodBounceDirectiveList) DeepCopy 

func (in *PodBounceDirectiveList) DeepCopy() *PodBounceDirectiveList

func (*PodBounceDirectiveList) DeepCopyInto 

func (in *PodBounceDirectiveList) DeepCopyInto(out *PodBounceDirectiveList)

func (*PodBounceDirectiveList) DeepCopyObject 

func (in *PodBounceDirectiveList) DeepCopyObject() runtime.Object

type PodBounceDirectiveReader 

type PodBounceDirectiveReader interface {
	// Get retrieves a PodBounceDirective for the given object key
	GetPodBounceDirective(ctx context.Context, key client.ObjectKey) (*PodBounceDirective, error)

	// List retrieves list of PodBounceDirectives for a given namespace and list options.
	ListPodBounceDirective(ctx context.Context, opts ...client.ListOption) (*PodBounceDirectiveList, error)
}

Reader knows how to read and list PodBounceDirectives.

type PodBounceDirectiveSlice 

type PodBounceDirectiveSlice []*PodBounceDirective

PodBounceDirectiveSlice represents a slice of *PodBounceDirective

type PodBounceDirectiveSpec 

type PodBounceDirectiveSpec struct {
	// A list of k8s pods to bounce (delete and cause a restart)
	// when the certificate is issued.
	// This will include the control plane pods as well as any pods
	// which share a data plane with the target mesh.
	PodsToBounce         []*PodBounceDirectiveSpec_PodSelector `protobuf:"bytes,6,rep,name=pods_to_bounce,json=podsToBounce,proto3" json:"pods_to_bounce,omitempty"`
	XXX_NoUnkeyedLiteral struct{}                              `json:"-"`
	XXX_unrecognized     []byte                                `json:"-"`
	XXX_sizecache        int32                                 `json:"-"`
}

When certificates are issued, pods may need to be bounced (restarted) to ensure they pick up the new certificates. If so, the certificate Issuer will create a PodBounceDirective containing the namespaces and labels of the pods that need to be bounced in order to pick up the new certs.

func (*PodBounceDirectiveSpec) DeepCopyInto 

func (in *PodBounceDirectiveSpec) DeepCopyInto(out *PodBounceDirectiveSpec)

DeepCopyInto for the PodBounceDirective.Spec

func (*PodBounceDirectiveSpec) Descriptor 

func (*PodBounceDirectiveSpec) Descriptor() ([]byte, []int)

func (*PodBounceDirectiveSpec) Equal 

func (this *PodBounceDirectiveSpec) Equal(that interface{}) bool

func (*PodBounceDirectiveSpec) GetPodsToBounce 

func (m *PodBounceDirectiveSpec) GetPodsToBounce() []*PodBounceDirectiveSpec_PodSelector

func (*PodBounceDirectiveSpec) MarshalJSON 

func (this *PodBounceDirectiveSpec) MarshalJSON() ([]byte, error)

MarshalJSON is a custom marshaler for PodBounceDirectiveSpec

func (*PodBounceDirectiveSpec) ProtoMessage 

func (*PodBounceDirectiveSpec) ProtoMessage()

func (*PodBounceDirectiveSpec) Reset 

func (m *PodBounceDirectiveSpec) Reset()

func (*PodBounceDirectiveSpec) String 

func (m *PodBounceDirectiveSpec) String() string

func (*PodBounceDirectiveSpec) UnmarshalJSON 

func (this *PodBounceDirectiveSpec) UnmarshalJSON(b []byte) error

UnmarshalJSON is a custom unmarshaler for PodBounceDirectiveSpec

func (*PodBounceDirectiveSpec) XXX_DiscardUnknown 

func (m *PodBounceDirectiveSpec) XXX_DiscardUnknown()

func (*PodBounceDirectiveSpec) XXX_Marshal 

func (m *PodBounceDirectiveSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PodBounceDirectiveSpec) XXX_Merge 

func (m *PodBounceDirectiveSpec) XXX_Merge(src proto.Message)

func (*PodBounceDirectiveSpec) XXX_Size 

func (m *PodBounceDirectiveSpec) XXX_Size() int

func (*PodBounceDirectiveSpec) XXX_Unmarshal 

func (m *PodBounceDirectiveSpec) XXX_Unmarshal(b []byte) error

type PodBounceDirectiveSpec_PodSelector 

type PodBounceDirectiveSpec_PodSelector struct {
	// The namespace in which the pods live.
	Namespace string `protobuf:"bytes,1,opt,name=namespace,proto3" json:"namespace,omitempty"`
	// Any labels shared by the pods.
	Labels               map[string]string `` /* 153-byte string literal not displayed */
	XXX_NoUnkeyedLiteral struct{}          `json:"-"`
	XXX_unrecognized     []byte            `json:"-"`
	XXX_sizecache        int32             `json:"-"`
}

Pods that will be restarted.

func (*PodBounceDirectiveSpec_PodSelector) Descriptor 

func (*PodBounceDirectiveSpec_PodSelector) Descriptor() ([]byte, []int)

func (*PodBounceDirectiveSpec_PodSelector) Equal 

func (this *PodBounceDirectiveSpec_PodSelector) Equal(that interface{}) bool

func (*PodBounceDirectiveSpec_PodSelector) GetLabels 

func (m *PodBounceDirectiveSpec_PodSelector) GetLabels() map[string]string

func (*PodBounceDirectiveSpec_PodSelector) GetNamespace 

func (m *PodBounceDirectiveSpec_PodSelector) GetNamespace() string

func (*PodBounceDirectiveSpec_PodSelector) ProtoMessage 

func (*PodBounceDirectiveSpec_PodSelector) ProtoMessage()

func (*PodBounceDirectiveSpec_PodSelector) Reset 

func (m *PodBounceDirectiveSpec_PodSelector) Reset()

func (*PodBounceDirectiveSpec_PodSelector) String 

func (m *PodBounceDirectiveSpec_PodSelector) String() string

func (*PodBounceDirectiveSpec_PodSelector) XXX_DiscardUnknown 

func (m *PodBounceDirectiveSpec_PodSelector) XXX_DiscardUnknown()

func (*PodBounceDirectiveSpec_PodSelector) XXX_Marshal 

func (m *PodBounceDirectiveSpec_PodSelector) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PodBounceDirectiveSpec_PodSelector) XXX_Merge 

func (m *PodBounceDirectiveSpec_PodSelector) XXX_Merge(src proto.Message)

func (*PodBounceDirectiveSpec_PodSelector) XXX_Size 

func (m *PodBounceDirectiveSpec_PodSelector) XXX_Size() int

func (*PodBounceDirectiveSpec_PodSelector) XXX_Unmarshal 

func (m *PodBounceDirectiveSpec_PodSelector) XXX_Unmarshal(b []byte) error

type PodBounceDirectiveStatusWriter 

type PodBounceDirectiveStatusWriter interface {
	// Update updates the fields corresponding to the status subresource for the
	// given PodBounceDirective object.
	UpdatePodBounceDirectiveStatus(ctx context.Context, obj *PodBounceDirective, opts ...client.UpdateOption) error

	// Patch patches the given PodBounceDirective object's subresource.
	PatchPodBounceDirectiveStatus(ctx context.Context, obj *PodBounceDirective, patch client.Patch, opts ...client.PatchOption) error
}

StatusWriter knows how to update status subresource of a PodBounceDirective object.

type PodBounceDirectiveTransitionFunction 

type PodBounceDirectiveTransitionFunction func(existing, desired *PodBounceDirective) error

PodBounceDirectiveTransitionFunction instructs the PodBounceDirectiveWriter how to transition between an existing PodBounceDirective object and a desired on an Upsert

type PodBounceDirectiveWriter 

type PodBounceDirectiveWriter interface {
	// Create saves the PodBounceDirective object.
	CreatePodBounceDirective(ctx context.Context, obj *PodBounceDirective, opts ...client.CreateOption) error

	// Delete deletes the PodBounceDirective object.
	DeletePodBounceDirective(ctx context.Context, key client.ObjectKey, opts ...client.DeleteOption) error

	// Update updates the given PodBounceDirective object.
	UpdatePodBounceDirective(ctx context.Context, obj *PodBounceDirective, opts ...client.UpdateOption) error

	// Patch patches the given PodBounceDirective object.
	PatchPodBounceDirective(ctx context.Context, obj *PodBounceDirective, patch client.Patch, opts ...client.PatchOption) error

	// DeleteAllOf deletes all PodBounceDirective objects matching the given options.
	DeleteAllOfPodBounceDirective(ctx context.Context, opts ...client.DeleteAllOfOption) error

	// Create or Update the PodBounceDirective object.
	UpsertPodBounceDirective(ctx context.Context, obj *PodBounceDirective, transitionFuncs ...PodBounceDirectiveTransitionFunction) error
}

Writer knows how to create, delete, and update PodBounceDirectives.

Source Files

View all Source files

Directories

Path Synopsis
Definitions for the Kubernetes Controllers Definitions for the multicluster Kubernetes Controllers Definitions for the Kubernetes Controllers
 Definitions for the Kubernetes Controllers Definitions for the multicluster Kubernetes Controllers Definitions for the Kubernetes Controllers
mocks
Package mock_controller is a generated GoMock package.
 Package mock_controller is a generated GoMock package.
Package mock_v1alpha2 is a generated GoMock package.
 Package mock_v1alpha2 is a generated GoMock package.
mocks
Package mock_v1alpha2sets is a generated GoMock package.
 Package mock_v1alpha2sets is a generated GoMock package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.