Documentation ¶
Overview ¶
Package certificates implements an abstract controller that is useful for building controllers that manage CSRs
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetCertApprovalCondition ¶
func GetCertApprovalCondition(status *certificates.CertificateSigningRequestStatus) (approved bool, denied bool)
func IgnorableError ¶
func IgnorableError(s string, args ...interface{}) ignorableError
IgnorableError returns an error that we shouldn't handle (i.e. log) because it's spammy and usually user error. Instead we will log these errors at a higher log level. We still need to throw these errors to signal that the sync should be retried.
func IsCertificateRequestApproved ¶
func IsCertificateRequestApproved(csr *certificates.CertificateSigningRequest) bool
IsCertificateRequestApproved returns true if a certificate request has the "Approved" condition and no "Denied" conditions; false otherwise.
Types ¶
type CertificateController ¶
type CertificateController struct {
// contains filtered or unexported fields
}
func NewCertificateController ¶
func NewCertificateController( kubeClient clientset.Interface, csrInformer certificatesinformers.CertificateSigningRequestInformer, handler func(*certificates.CertificateSigningRequest) error, ) *CertificateController
func (*CertificateController) Run ¶
func (cc *CertificateController) Run(workers int, stopCh <-chan struct{})
Run the main goroutine responsible for watching and syncing jobs.
Directories ¶
Path | Synopsis |
---|---|
Package approver implements an automated approver for kubelet certificates.
|
Package approver implements an automated approver for kubelet certificates. |
Package cleaner implements an automated cleaner that does garbage collection on CSRs that meet specific criteria.
|
Package cleaner implements an automated cleaner that does garbage collection on CSRs that meet specific criteria. |
Package signer implements a CA signer that uses keys stored on local disk.
|
Package signer implements a CA signer that uses keys stored on local disk. |
Click to show internal directories.
Click to hide internal directories.