Documentation ¶
Index ¶
- Constants
- Variables
- func FindRootCA(ctx context.Context, k8s client.Client, ...) (*heistv1alpha1.VaultCertificateAuthority, error)
- func GetAnnotationValue(object client.Object, annotations ...string) (string, bool)
- func GetCAInfoSecretPath(ca *heistv1alpha1.VaultCertificateAuthority) string
- func GetCAPrivateKeySecretPath(ca *heistv1alpha1.VaultCertificateAuthority) string
- func GetPolicyNameForCertificateAuthorityPrivateInfo(ca *heistv1alpha1.VaultCertificateAuthority) string
- func GetPolicyNameForCertificateAuthorityPublicInfo(ca *heistv1alpha1.VaultCertificateAuthority) string
- func GetPolicyNameForCertificateIssuing(cert *heistv1alpha1.VaultCertificateRole) string
- func GetPolicyNameForCertificateSignCSR(cert *heistv1alpha1.VaultCertificateRole) string
- func GetPolicyNameForCertificateSignVerbatim(cert *heistv1alpha1.VaultCertificateRole) string
- func GetPolicyNameForSecret(secret *heistv1alpha1.VaultKVSecret) string
- func GetPolicyNameForTransitKeyDatakey(key *heistv1alpha1.VaultTransitKey) string
- func GetPolicyNameForTransitKeyDecrypt(key *heistv1alpha1.VaultTransitKey) string
- func GetPolicyNameForTransitKeyEncrypt(key *heistv1alpha1.VaultTransitKey) string
- func GetPolicyNameForTransitKeyHmac(key *heistv1alpha1.VaultTransitKey) string
- func GetPolicyNameForTransitKeyRead(key *heistv1alpha1.VaultTransitKey) string
- func GetPolicyNameForTransitKeyRewrap(key *heistv1alpha1.VaultTransitKey) string
- func GetPolicyNameForTransitKeySign(key *heistv1alpha1.VaultTransitKey) string
- func GetPolicyNameForTransitKeyVerify(key *heistv1alpha1.VaultTransitKey) string
- type TestDataWrapper
Constants ¶
// Field names used inside the internal secrets that hold certificate authority data.
// NOTE(review): the package exposes both GetCAPrivateKeySecretPath and GetCAInfoSecretPath,
// so the private-key fields and the certificate fields presumably live in separate
// secrets with separate policies — confirm which field is written to which path.
const (
	// CAPrivateKeyField is the field name in an internal secret containing a private key.
	// The value stored under this field is key material: keep it out of logs, events,
	// error messages and Kubernetes object status.
	CAPrivateKeyField = "private_key"
	// CAPrivateKeyTypeField is the field name in an internal secret containing the private key type.
	CAPrivateKeyTypeField = "private_key_type"
	// CACertificateField is the field name in an internal secret containing the certificate.
	CACertificateField = "certificate"
	// CACertificateChainField is the field name in an internal secret containing the certificate chain.
	CACertificateChainField = "certificate_chain"
	// CACertificateFullChainField is the field name in an internal secret containing the full cert chain (including root cert).
	CACertificateFullChainField = "full_certificate_chain"
	// CAIssuerField is the field name in an internal secret containing the issuing certificate.
	CAIssuerField = "issuer"
	// CASerialNumberField is the field name in an internal secret containing the certificate serial number.
	CASerialNumberField = "serial_number"
)
// InternalKvEngineMountPath is the mount path assigned to InternalKvEngine.Path.
// NOTE(review): the internal secrets under this mount presumably include CA private
// keys (see CAPrivateKeyField), so policies handed to workloads should not grant
// access to this path — confirm against the generated policies.
const InternalKvEngineMountPath = "managed/_heist_internal"
// YouniqxFinalizer is the finalizer value shared by all CRDs.
const YouniqxFinalizer = "youniqx.com/finalizer"
Variables ¶
// Engine definition for the internal KV mount; Path comes from InternalKvEngineMountPath.
var InternalKvEngine = &kvengine.KvEngine{
	Path: InternalKvEngineMountPath,
	Config: &kvengine.Config{
		// NOTE(review): 0 presumably defers to the Vault default for retained versions
		// rather than disabling versioning, so superseded versions of a secret
		// (including replaced key material) would stay readable — confirm.
		MaxVersions: 0,
		// NOTE(review): presumably maps to the KV v2 check-and-set requirement, so a
		// write must state the version it expects to replace — confirm in kvengine.
		CasRequired: true,
		// NOTE(review): empty presumably means old versions are never deleted
		// automatically — confirm.
		DeleteVersionAfter: "",
	},
}
InternalKvEngine is the KV Secret Engine used by Heist to persist internal data.
// Requeue is a controller result with Requeue set to true and a delay taken from
// requeueAfter, which is declared outside this listing.
// NOTE(review): this is an exported, mutable package-level variable; an assignment
// to it anywhere would change the result returned by every controller that uses it.
var Requeue = ctrl.Result{
	Requeue:      true,
	RequeueAfter: requeueAfter,
}
Requeue unifies the returned controller result when an error occurs. By default, the handling of the CRD is queued to run in 5 seconds.
Functions ¶
func FindRootCA ¶
func FindRootCA(ctx context.Context, k8s client.Client, ca *heistv1alpha1.VaultCertificateAuthority) (*heistv1alpha1.VaultCertificateAuthority, error)
func GetAnnotationValue ¶
func GetCAInfoSecretPath ¶
func GetCAInfoSecretPath(ca *heistv1alpha1.VaultCertificateAuthority) string
func GetCAPrivateKeySecretPath ¶
func GetCAPrivateKeySecretPath(ca *heistv1alpha1.VaultCertificateAuthority) string
func GetPolicyNameForCertificateAuthorityPrivateInfo ¶
func GetPolicyNameForCertificateAuthorityPrivateInfo(ca *heistv1alpha1.VaultCertificateAuthority) string
func GetPolicyNameForCertificateAuthorityPublicInfo ¶
func GetPolicyNameForCertificateAuthorityPublicInfo(ca *heistv1alpha1.VaultCertificateAuthority) string
func GetPolicyNameForCertificateIssuing ¶
func GetPolicyNameForCertificateIssuing(cert *heistv1alpha1.VaultCertificateRole) string
func GetPolicyNameForCertificateSignCSR ¶
func GetPolicyNameForCertificateSignCSR(cert *heistv1alpha1.VaultCertificateRole) string
func GetPolicyNameForCertificateSignVerbatim ¶
func GetPolicyNameForCertificateSignVerbatim(cert *heistv1alpha1.VaultCertificateRole) string
func GetPolicyNameForSecret ¶
func GetPolicyNameForSecret(secret *heistv1alpha1.VaultKVSecret) string
func GetPolicyNameForTransitKeyDatakey ¶
func GetPolicyNameForTransitKeyDatakey(key *heistv1alpha1.VaultTransitKey) string
func GetPolicyNameForTransitKeyDecrypt ¶
func GetPolicyNameForTransitKeyDecrypt(key *heistv1alpha1.VaultTransitKey) string
func GetPolicyNameForTransitKeyEncrypt ¶
func GetPolicyNameForTransitKeyEncrypt(key *heistv1alpha1.VaultTransitKey) string
func GetPolicyNameForTransitKeyHmac ¶
func GetPolicyNameForTransitKeyHmac(key *heistv1alpha1.VaultTransitKey) string
func GetPolicyNameForTransitKeyRead ¶
func GetPolicyNameForTransitKeyRead(key *heistv1alpha1.VaultTransitKey) string
func GetPolicyNameForTransitKeyRewrap ¶
func GetPolicyNameForTransitKeyRewrap(key *heistv1alpha1.VaultTransitKey) string
func GetPolicyNameForTransitKeySign ¶
func GetPolicyNameForTransitKeySign(key *heistv1alpha1.VaultTransitKey) string
func GetPolicyNameForTransitKeyVerify ¶
func GetPolicyNameForTransitKeyVerify(key *heistv1alpha1.VaultTransitKey) string
Types ¶
type TestDataWrapper ¶
// TestDataWrapper bundles a Kubernetes client, an envtest environment, a Vault test
// environment and related helpers; presumably it is the shared fixture for tests.
// NOTE(review): the type is listed in this package's public documentation next to
// the production constants, so it and its envtest/testenv dependencies appear to be
// compiled into non-test builds — consider moving it to a test-only package.
type TestDataWrapper struct {
	K8sClient client.Client
	TestEnv   *envtest.Environment
	VaultEnv  testenv.TestEnv
	// NOTE(review): the name suggests a Vault API handle with root privileges; it
	// should stay confined to test setup — confirm.
	RootAPI           vault.API
	K8sEnv            testhelper.KubernetesTestHelper
	DefaultCipherText string
}