Documentation ¶
Overview ¶
Package certificates implements an abstract controller that is useful for building controllers that manage CSRs
Index ¶
- func GetCertApprovalCondition(status *certificates.CertificateSigningRequestStatus) (approved bool, denied bool)
- func HasTrueCondition(csr *certificates.CertificateSigningRequest, ...) bool
- func IgnorableError(s string, args ...interface{}) ignorableError
- func IsCertificateRequestApproved(csr *certificates.CertificateSigningRequest) bool
- type CertificateController
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetCertApprovalCondition ¶ added in v1.7.0
func GetCertApprovalCondition(status *certificates.CertificateSigningRequestStatus) (approved bool, denied bool)
func HasTrueCondition ¶ added in v1.19.0
func HasTrueCondition(csr *certificates.CertificateSigningRequest, conditionType certificates.RequestConditionType) bool
HasTrueCondition returns true if the csr contains a condition of the specified type with a status that is set to True or is empty
func IgnorableError ¶ added in v1.9.0
func IgnorableError(s string, args ...interface{}) ignorableError
IgnorableError returns an error that we shouldn't handle (i.e. log) because it's spammy and usually user error. Instead we will log these errors at a higher log level. We still need to throw these errors to signal that the sync should be retried.
func IsCertificateRequestApproved ¶
func IsCertificateRequestApproved(csr *certificates.CertificateSigningRequest) bool
IsCertificateRequestApproved returns true if a certificate request has the "Approved" condition and no "Denied" conditions; false otherwise.
Types ¶
type CertificateController ¶
type CertificateController struct {
// contains filtered or unexported fields
}
func NewCertificateController ¶
func NewCertificateController( name string, kubeClient clientset.Interface, csrInformer certificatesinformers.CertificateSigningRequestInformer, handler func(*certificates.CertificateSigningRequest) error, ) *CertificateController
func (*CertificateController) Run ¶
func (cc *CertificateController) Run(workers int, stopCh <-chan struct{})
Run the main goroutine responsible for watching and syncing jobs.
Directories ¶
Path | Synopsis |
---|---|
Package approver implements an automated approver for kubelet certificates.
|
Package approver implements an automated approver for kubelet certificates. |
Package cleaner implements an automated cleaner that does garbage collection on CSRs that meet specific criteria.
|
Package cleaner implements an automated cleaner that does garbage collection on CSRs that meet specific criteria. |
Package signer implements a CA signer that uses keys stored on local disk.
|
Package signer implements a CA signer that uses keys stored on local disk. |