Version: v1.50.1 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Jul 5, 2022 License: Apache-2.0, BSD-2-Clause, MIT, + 1 more Imports: 11 Imported by: 10




This section is empty.


This section is empty.


func GenerateAllSecrets

func GenerateAllSecrets(ctx context.Context, sm secretsmanager.Interface, secretConfigs []SecretConfigWithOptions) (map[string]*corev1.Secret, error)

GenerateAllSecrets takes care of generating all secret configs with the given SecretsManager (first CA configs, then the rest).

func SecretsManagerForCluster

func SecretsManagerForCluster(ctx context.Context, logger logr.Logger, clock clock.Clock, c client.Client, cluster *extensionscontroller.Cluster, identity string, secretConfigs []SecretConfigWithOptions) (secretsmanager.Interface, error)

SecretsManagerForCluster initializes a new SecretsManager for the given Cluster. It takes care about rotating CAs among the given secretConfigs in lockstep with all other shoot cluster CAs. It basically makes sure your extension fulfills the requirements for shoot CA rotation when managing secrets with this SecretsManager. I.e., it - initiates rotation of CAs according to cluster.shoot.status.credentials.rotation.certificateAuthorities.lastInitiationTime - keeps old CA secrets during CA rotation - removes old CA secrets on Cleanup() if cluster.shoot.status.credentials.rotation.certificateAuthorities.phase == Completing


type SecretConfigWithOptions

type SecretConfigWithOptions struct {
	// Config contains the secret config to generate.
	Config secretutils.ConfigInterface
	// Options contains options for generating Config.
	Options []secretsmanager.GenerateOption

SecretConfigWithOptions combines a secret config with options that should be used for generating it.

Source Files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL