dev-pki

command
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 28, 2026 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Overview

dev-pki bootstraps a fresh CA and a small fixed set of leaf certs (one relay + two agents) for local cluster validation.

THIS IS A DEVELOPMENT-ONLY TOOL. The agent UUIDs are fixed so manifests can pre-bake `--uri` flags; the leaf TTL defaults to 30 days (vs. production's 1 h with rotation). Do not deploy these secrets anywhere that matters.

Run: 

go run ./tools/dev-pki -out ./.dev-pki

Output: 

.dev-pki/
  ca.crt        — distribute (RootCAs / ClientCAs)
  ca.key        — keep local; needed if you re-issue
  relay-r1.{crt,key}
  agent-provider.{crt,key}
  agent-consumer.{crt,key}
  secrets.yaml  — kubectl apply -f .dev-pki/secrets.yaml

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.