issue

package

v0.3.1 Latest Latest Go to latest Published: Sep 28, 2024 License: Apache-2.0 Imports: 26 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/IPA-CyberLab/kmgm

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func ActionImpl(strategy Strategy, c *cli.Context) error
func EnsurePrivateKey(env *action.Environment, ktype wcrypto.KeyType, privPath string) (crypto.PrivateKey, error)
func IssuePrivateKeyAndCertificateFile(ctx context.Context, env *action.Environment, strategy Strategy, cfg *Config) error
func PrepareKeyTypePath(env *action.Environment, ktype *wcrypto.KeyType, privPath *string) error
func PromptCertPath(env *action.Environment, privPath, certPath string) (string, error)
func VerifyKeyType(path string, expected wcrypto.KeyType) (crypto.PublicKey, error)
func WriteKubernetesSecret(ctx context.Context, env *action.Environment, cfg *Config, ...) error
type CertStillValidErr
type Config
- func (c *Config) UnmarshalYAML(unmarshal func(interface{}) error) error
- func (c *Config) Verify(env *action.Environment, noDefault bool) error
type IncompatibleCertErr
type Local
type Strategy

Constants ¶

View Source

const ConfigTemplateText = `` /* 2998-byte string literal not displayed */

Variables ¶

View Source

var Command = &cli.Command{
	Name:  "issue",
	Usage: "Issue a new certificate or renew an existing certificate. Generates private key if needed.",
	Flags: append(structflags.MustPopulateFlagsFromStruct(Config{}),
		&cli.BoolFlag{
			Name:  "dump-template",
			Usage: "dump configuration template yaml without making actual changes",
		},
	),
	Action: func(c *cli.Context) error {
		env := action.GlobalEnvironment
		profile, err := env.Profile()
		if err != nil {
			return err
		}

		return ActionImpl(Local{Profile: profile}, c)
	},
}

View Source

var ErrCertKeyPathConflict = errors.New("Specified path conflicts with private key output path.")

View Source

var RenewBeforeMustNotBeAutoIfNoDefaultErr = errors.New("renewBefore must not be auto if noDefault is specified.")

Functions ¶

func ActionImpl ¶ added in v0.1.0

func ActionImpl(strategy Strategy, c *cli.Context) error

func EnsurePrivateKey ¶ added in v0.1.0

func EnsurePrivateKey(env *action.Environment, ktype wcrypto.KeyType, privPath string) (crypto.PrivateKey, error)

func IssuePrivateKeyAndCertificateFile ¶ added in v0.3.0

func IssuePrivateKeyAndCertificateFile(ctx context.Context, env *action.Environment, strategy Strategy, cfg *Config) error

func PrepareKeyTypePath ¶ added in v0.1.0

func PrepareKeyTypePath(env *action.Environment, ktype *wcrypto.KeyType, privPath *string) error

func PromptCertPath ¶

func PromptCertPath(env *action.Environment, privPath, certPath string) (string, error)

func VerifyKeyType ¶ added in v0.1.0

func VerifyKeyType(path string, expected wcrypto.KeyType) (crypto.PublicKey, error)

func WriteKubernetesSecret ¶ added in v0.3.0

func WriteKubernetesSecret(ctx context.Context, env *action.Environment, cfg *Config, cacert *x509.Certificate) error

Types ¶

type CertStillValidErr ¶ added in v0.1.0

type CertStillValidErr struct {
	ValidLeft           time.Duration
	RenewBeforeOrig     period.Days
	RenewBeforeExpanded period.Days
}

func (CertStillValidErr) Error ¶ added in v0.1.0

func (e CertStillValidErr) Error() string

func (CertStillValidErr) ExitCode ¶ added in v0.2.2

func (CertStillValidErr) ExitCode() int

func (CertStillValidErr) Is ¶ added in v0.1.0

func (CertStillValidErr) Is(target error) bool

type Config ¶

type Config struct {
	PrivateKeyPath string `yaml:"privateKeyPath" flags:"priv,private key input/output path,,path"`
	CertPath       string `yaml:"certPath" flags:"cert,cert input/output path,,path"`

	KubernetesSecretPath      string `` /* 143-byte string literal not displayed */
	KubernetesSecretName      string `` /* 149-byte string literal not displayed */
	KubernetesSecretNamespace string `` /* 164-byte string literal not displayed */

	Issue *issue.Config `yaml:",inline" flags:""`

	RenewBefore period.Days `` /* 136-byte string literal not displayed */

	// This is here to avoid yaml.v3 Decoder with KnownFields(true) throwing error for valid AppFlags fields
	XXX_AppFlags appflags.AppFlags `yaml:",inline"`
}

var UnmarshalConfigTemplate *Config

func (*Config) UnmarshalYAML ¶ added in v0.3.0

func (c *Config) UnmarshalYAML(unmarshal func(interface{}) error) error

func (*Config) Verify ¶

func (c *Config) Verify(env *action.Environment, noDefault bool) error

type IncompatibleCertErr ¶ added in v0.1.0

type IncompatibleCertErr struct {
	Wrap error
}

func (IncompatibleCertErr) Error ¶ added in v0.1.0

func (e IncompatibleCertErr) Error() string

func (IncompatibleCertErr) Is ¶ added in v0.1.0

func (IncompatibleCertErr) Is(target error) bool

func (IncompatibleCertErr) Unwrap ¶ added in v0.1.0

func (e IncompatibleCertErr) Unwrap() error

type Local ¶ added in v0.2.2

type Local struct {
	Profile *storage.Profile
}

func (Local) CACert ¶ added in v0.3.0

func (l Local) CACert(ctx context.Context, env *action.Environment) *x509.Certificate

func (Local) EnsureCA ¶ added in v0.2.2

func (l Local) EnsureCA(ctx context.Context, env *action.Environment) error

func (Local) Issue ¶ added in v0.2.2

func (Local) Issue(ctx context.Context, env *action.Environment, pub crypto.PublicKey, cfg *issue.Config) ([]byte, error)

type Strategy ¶ added in v0.2.2

type Strategy interface {
	EnsureCA(ctx context.Context, env *action.Environment) error
	CACert(ctx context.Context, env *action.Environment) *x509.Certificate
	Issue(ctx context.Context, env *action.Environment, pub crypto.PublicKey, cfg *issue.Config) ([]byte, error)
}

Source Files ¶

View all Source files

issue.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL