Version: v1.50.1 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Jul 5, 2022 License: Apache-2.0, BSD-2-Clause, MIT, + 1 more Imports: 29 Imported by: 0




This section is empty.


View Source
var DefaultSyncPeriod = 5 * time.Minute

DefaultSyncPeriod is the default sync period for the certificate reconciler and reloader.


func AddCertificateManagementToManager

func AddCertificateManagementToManager(
	ctx context.Context,
	mgr manager.Manager,
	clock clock.Clock,
	seedWebhookConfig, shootWebhookConfig *admissionregistrationv1.MutatingWebhookConfiguration,
	atomicShootWebhookConfig *atomic.Value,
	extensionName string,
	shootWebhookManagedResourceName string,
	shootNamespaceSelector map[string]string,
	namespace, mode, url string,
) error

AddCertificateManagementToManager adds reconcilers to the given manager that manage the webhook certificates, namely - generate and auto-rotate the webhook CA and server cert using a secrets manager (in leader only) - fetch current webhook server cert and write it to disk for the webhook server to pick up (in all replicas)

func GenerateUnmanagedCertificates

func GenerateUnmanagedCertificates(providerName, certDir, mode, url string) ([]byte, error)

GenerateUnmanagedCertificates generates a one-off CA and server cert for a webhook server. The server certificate and key are written to certDir. This is useful for local development.


This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL