Documentation ¶
Overview ¶
Package webhooks provides utilities for managing and configuring k8s webhooks.
Package webhooks provides functions to manage webhook TLS certificates
Index ¶
- Constants
- func InstallCertificates(ctx context.Context, k8sConfig *rest.Config, secret *corev1.Secret, ...) error
- func InstallNewCertificates(ctx context.Context, k8sConfig *rest.Config, ...) (*corev1.Secret, error)
- func ValidateTLSSecret(tlsSecret *corev1.Secret, certGracePeriod time.Duration) error
- func WriteServerTLSToFileSystem(ctx context.Context, certPath, keyPath string, secret *corev1.Secret) error
- type WebhookTLS
Constants ¶
// RequireMinGracePeriod is a duration of 24 hours.
// NOTE(review): presumably the minimum certificate grace period expected by
// callers of ValidateTLSSecret (its certGracePeriod parameter) — confirm
// against the implementation.
const RequireMinGracePeriod = 24 * time.Hour
Variables ¶
This section is empty.
Functions ¶
func InstallCertificates ¶
func InstallCertificates(ctx context.Context, k8sConfig *rest.Config, secret *corev1.Secret, certPath, keyPath, labelSelector string) error
InstallCertificates saves the server certificate and key from the provided secret to the provided filesystem paths. It also adds the CA certificate to the webhook configuration matching the label selector.
func InstallNewCertificates ¶
func InstallNewCertificates(ctx context.Context, k8sConfig *rest.Config, certPath, keyPath, secretName, namespace, serviceName, labelSelector string) (*corev1.Secret, error)
InstallNewCertificates creates a new set of keys and certificates and saves them to the provided filesystem paths. It adds the CA certificate to the webhook configurations matching the label selector and returns a secret containing the server key, server certificate and CA certificate.
func ValidateTLSSecret ¶
ValidateTLSSecret checks that the secret has all required keys and certificates, and that the certificate lifetime is valid.
Types ¶
type WebhookTLS ¶
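// WebhookTLS groups the settings used to manage a webhook's TLS material:
// a Kubernetes client configuration, certificate and key file paths, naming
// and selection fields, a logger and a rotation time.
//
// NOTE(review): field meanings below are inferred from the field names and
// from the parameters of the package-level functions; the method bodies are
// not shown here — confirm against the implementation.
type WebhookTLS struct {
	// Ctx is a context held on the struct.
	// NOTE(review): Go convention is to pass a context per call rather than
	// store it; confirm how cancellation is expected to stop ManageCertificates.
	Ctx context.Context
	// K8sConfig is the client configuration for the Kubernetes API.
	K8sConfig *rest.Config
	// CertPath is presumably the file path the server certificate is written
	// to — confirm.
	CertPath string
	// KeyPath is presumably the file path the server private key is written
	// to — confirm. NOTE(review): verify that the writer creates this file
	// with owner-only permissions and that the directory is not shared.
	KeyPath string
	// Name is presumably the name of the TLS secret — confirm.
	Name string
	// ServiceName is presumably the webhook Service the server certificate is
	// issued for — confirm.
	ServiceName string
	// LabelSelector presumably selects the webhook configurations that
	// receive the CA certificate — confirm. NOTE(review): a selector that
	// matches more than intended would inject this CA into unrelated webhook
	// configurations; keep it narrow.
	LabelSelector string
	// Logger is the logr logger stored on the struct.
	Logger logr.Logger
	// Namespace is presumably the namespace of the secret and service — confirm.
	Namespace string
	// RotationTime is a duration; presumably how long before expiry (or how
	// often) certificates are rotated — confirm.
	RotationTime time.Duration
	// contains filtered or unexported fields
}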
func (*WebhookTLS) CACert ¶
func (w *WebhookTLS) CACert() []byte
func (*WebhookTLS) ManageCertificates ¶
func (w *WebhookTLS) ManageCertificates(frequency time.Duration) error
func (*WebhookTLS) ServerCert ¶
func (w *WebhookTLS) ServerCert() []byte
func (*WebhookTLS) ServerKey ¶
func (w *WebhookTLS) ServerKey() []byte
func (*WebhookTLS) UpdateOrCreate ¶
func (w *WebhookTLS) UpdateOrCreate() error