webhooks

package

v0.25.4 Latest Latest Go to latest Published: Dec 13, 2022 License: Apache-2.0 Imports: 19 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/vmware-tanzu/tanzu-framework

Links

Open Source Insights

Documentation ¶

Overview ¶

Package webhooks implements provides utilities for managing and configuration k8s webhooks.

Package webhooks provides functions to manage webhook TLS certificates

Index ¶

func InstallCertificates(ctx context.Context, k8sConfig *rest.Config, secret *corev1.Secret, ...) error
func InstallNewCertificates(ctx context.Context, k8sConfig *rest.Config, ...) (*corev1.Secret, error)
func ValidateTLSSecret(tlsSecret *corev1.Secret, certGracePeriod time.Duration) error
func WriteServerTLSToFileSystem(ctx context.Context, certPath, keyPath string, secret *corev1.Secret) error
type WebhookTLS

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func InstallCertificates ¶ added in v0.22.0

func InstallCertificates(ctx context.Context, k8sConfig *rest.Config, secret *corev1.Secret, certPath, keyPath, labelSelector string) error

InstallCertificates saves server certificate and key in provided secret to the filesystem paths provided. Adds the CA certificate to webhook configuration matching label selector.

func InstallNewCertificates ¶

func InstallNewCertificates(ctx context.Context, k8sConfig *rest.Config, certPath, keyPath, secretName, namespace, serviceName, labelSelector string) (*corev1.Secret, error)

InstallNewCertificates creates a new set of keys and certificates and saves them to the filesystem paths provided. Adds the CA certificate to webhook configurations matching label selector. Returns a secret containing the server key, sever certificate and CA certificate.

func ValidateTLSSecret ¶

func ValidateTLSSecret(tlsSecret *corev1.Secret, certGracePeriod time.Duration) error

ValidateTLSSecret checks secret has all required keys and certificates. Checks certificate lifetime is valid.

func WriteServerTLSToFileSystem ¶ added in v0.22.0

func WriteServerTLSToFileSystem(ctx context.Context, certPath, keyPath string, secret *corev1.Secret) error

WriteServerTLSToFileSystem writes servers certificate and key in provided secret to the filesystem paths provided.

Types ¶

type WebhookTLS ¶ added in v0.20.0

type WebhookTLS struct {
	Ctx           context.Context
	K8sConfig     *rest.Config
	CertPath      string
	KeyPath       string
	Name          string
	ServiceName   string
	LabelSelector string
	Logger        logr.Logger

	Namespace    string
	RotationTime time.Duration
	// contains filtered or unexported fields
}

func (*WebhookTLS) CACert ¶ added in v0.20.0

func (w *WebhookTLS) CACert() []byte

func (*WebhookTLS) ManageCertificates ¶ added in v0.20.0

func (w *WebhookTLS) ManageCertificates(frequency time.Duration) error

func (*WebhookTLS) ServerCert ¶ added in v0.20.0

func (w *WebhookTLS) ServerCert() []byte

func (*WebhookTLS) ServerKey ¶ added in v0.20.0

func (w *WebhookTLS) ServerKey() []byte

func (*WebhookTLS) UpdateOrCreate ¶ added in v0.20.0

func (w *WebhookTLS) UpdateOrCreate() error

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL