GO-2022-0617: WITHDRAWN: Potential proxy IP restriction bypass in Kubernetes in k8s.io/kubernetes

clustertrustbundle

package

v1.30.5 Latest Latest Go to latest Published: Sep 12, 2024 License: Apache-2.0 Imports: 13 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kubernetes/kubernetes

Links

Open Source Insights

Documentation ¶

Overview ¶

Package clustertrustbundle abstracts access to ClusterTrustBundles so that projected volumes can use them.

Index ¶

type InformerManager
- func NewInformerManager(bundles certinformersv1alpha1.ClusterTrustBundleInformer, cacheSize int, ...) (*InformerManager, error)
- func (m *InformerManager) GetTrustAnchorsByName(name string, allowMissing bool) ([]byte, error)
- func (m *InformerManager) GetTrustAnchorsBySigner(signerName string, labelSelector *metav1.LabelSelector, allowMissing bool) ([]byte, error)
type Manager
type NoopManager
- func (m *NoopManager) GetTrustAnchorsByName(name string, allowMissing bool) ([]byte, error)
- func (m *NoopManager) GetTrustAnchorsBySigner(signerName string, labelSelector *metav1.LabelSelector, allowMissing bool) ([]byte, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type InformerManager ¶

type InformerManager struct {
	// contains filtered or unexported fields
}

InformerManager is the "real" manager. It uses informers to track ClusterTrustBundle objects.

func NewInformerManager ¶

func NewInformerManager(bundles certinformersv1alpha1.ClusterTrustBundleInformer, cacheSize int, cacheTTL time.Duration) (*InformerManager, error)

NewInformerManager returns an initialized InformerManager.

func (*InformerManager) GetTrustAnchorsByName ¶

func (m *InformerManager) GetTrustAnchorsByName(name string, allowMissing bool) ([]byte, error)

GetTrustAnchorsByName returns normalized and deduplicated trust anchors from a single named ClusterTrustBundle.

func (*InformerManager) GetTrustAnchorsBySigner ¶

func (m *InformerManager) GetTrustAnchorsBySigner(signerName string, labelSelector *metav1.LabelSelector, allowMissing bool) ([]byte, error)

GetTrustAnchorsBySigner returns normalized and deduplicated trust anchors from a set of selected ClusterTrustBundles.

type Manager ¶

type Manager interface {
	GetTrustAnchorsByName(name string, allowMissing bool) ([]byte, error)
	GetTrustAnchorsBySigner(signerName string, labelSelector *metav1.LabelSelector, allowMissing bool) ([]byte, error)
}

Manager abstracts over the ability to get trust anchors.

type NoopManager ¶

type NoopManager struct{}

NoopManager always returns an error, for use in static kubelet mode.

func (*NoopManager) GetTrustAnchorsByName ¶

func (m *NoopManager) GetTrustAnchorsByName(name string, allowMissing bool) ([]byte, error)

GetTrustAnchorsByName implements Manager.

func (*NoopManager) GetTrustAnchorsBySigner ¶

func (m *NoopManager) GetTrustAnchorsBySigner(signerName string, labelSelector *metav1.LabelSelector, allowMissing bool) ([]byte, error)

GetTrustAnchorsBySigner implements Manager.

Source Files ¶

View all Source files

clustertrustbundle_manager.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL