The highest tagged major version is v2.

spec

package

v0.6.1 Latest Latest Go to latest Published: Jun 4, 2020 License: Apache-2.0 Imports: 1 Imported by: 4

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/giantswarm/certctl

Links

Open Source Insights

Documentation ¶

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type CertSigner ¶

type CertSigner interface {
	// Issue generates a new signed certificate with respect to the given
	// configuration.
	Issue(config IssueConfig) (IssueResponse, error)

	// SignedPath returns the path under which a certificate can be generated.
	// This is very specific to Vault. The path structure is the following. See
	// also https://github.com/hashicorp/vault/blob/6f0f46deb622ba9c7b14b2ec0be24cab3916f3d8/website/source/docs/secrets/pki/index.html.md#pkiissue.
	//
	//		 When organizations is blank:
	//     pki-<clusterID>/issue/role-<clusterID>
	//
	//     When organizations is not blank
	//     pki-<clusterID>/issue/role-org-<organizationsHash>
	//
	//     organizationsHash is a deterministic urlsafe hash that is always the
	//     same regardless of what order you give the organizations in.
	//
	SignedPath(clusterID string, organizations []string) string
}

CertSigner manages the process of issuing new certificate key pairs

type IssueConfig ¶

type IssueConfig struct {
	// ClusterID represents the cluster ID a new certificate should be issued
	// for.
	ClusterID string `json:"cluster_id"`

	// CommonName is the common name used to configure the issued certificate
	// that is being requested.
	CommonName string `json:"common_name"`

	// Organizations is a comma seperated list of organizations ("O"'s) for the issued cert's
	// subject line.
	Organizations string `json:"organizations"`

	// IPSANs represents a comma separate lists of IPs.
	IPSANs string `json:"ip_sans"`

	// AltNames names represents a comma separate list of alternative names.
	AltNames string `json:"alt_names"`

	// TTL configures the time to live for the requested certificate. This is a
	// golang time string with the allowed units s, m and h.
	TTL string `json:"ttl"`

	AllowedDomains   string `json:"allowed_domains"`
	AllowBareDomains bool   `json:"allow_bare_domains"`
	RoleTTL          string `json:"role_ttl"`
}

IssueConfig is used to configure the process of issuing a certificate key pair using the CertSigner.

type IssueResponse ¶

type IssueResponse struct {
	Certificate  string `json:"certificate"`
	PrivateKey   string `json:"private_key"`
	IssuingCA    string `json:"issuing_ca"`
	SerialNumber string `json:"serial_number"`
}

type VaultFactory ¶

type VaultFactory interface {
	// NewClient creates a new Vault client configured with an admin token.
	NewClient() (*vault.Client, error)
}

VaultFactory implements a factory that is able to create Vault clients.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL