Documentation ¶
Index ¶
- Constants
- func CleanAllCerts(client kubernetes.Interface, certclient certclient.Interface, ns string) error
- func CleanCertManagerResources(certclient certclient.Interface, ns string, ic kube.IngressConfig) error
- func CleanCerts(client kubernetes.Interface, certclient certclient.Interface, ns string, ...) error
- func CreateCertManagerResources(certclient certclient.Interface, targetNamespace string, ic kube.IngressConfig) error
- func CreateIssuer(certclient certclient.Interface, ns string, ic kube.IngressConfig) error
- func WaitCertificateExists(client certclient.Interface, name string, ns string, timeout time.Duration) error
- func WaitCertificateIssuedReady(client certclient.Interface, name string, ns string, timeout time.Duration) error
- func WatchCertificatesIssuedReady(ctx context.Context, client certclient.Interface, ns string) (<-chan Certificate, error)
- type Certificate
Constants ¶
const ( // CertManagerNamespace indicates the namespace where is cert-manager deployed CertManagerNamespace = "cert-manager" // CertManagerDeployment indicates the name of the cert-manager deployment CertManagerDeployment = "cert-manager" // CertManagerReleaseName indicates the release name for cert-manager chart CertManagerReleaseName = "cert-manager" // CertManagerChartOwner is the owner of the cert-manager chart repo CertManagerChartOwner = "jetstack" // CertManagerChartURL is the URL for the repo containing the cert-manager chart CertManagerChartURL = "https://charts.jetstack.io" // CertManagerChart name of the cert-manager chart CertManagerChart = "jetstack/cert-manager" // CertManagerCRDsFile files which contains the cert-manager CRDs CertManagerCRDsFile = "https://raw.githubusercontent.com/jetstack/cert-manager/v0.9.1/deploy/manifests/00-crds.yaml" // CertManagerIssuerProd name of the production issuer CertManagerIssuerProd = "letsencrypt-prod" // CertManagerIssuerStaging name of the staging issuer CertManagerIssuerStaging = "letsencrypt-staging" )
const CertSecretPrefix = "tls-"
CertSecretPrefix used as prefix for all certificate object names
Variables ¶
This section is empty.
Functions ¶
func CleanAllCerts ¶
func CleanAllCerts(client kubernetes.Interface, certclient certclient.Interface, ns string) error
CleanAllCerts removes all certs and their associated secrets which hold a TLS certificated issued by cert-manager
func CleanCertManagerResources ¶
func CleanCertManagerResources(certclient certclient.Interface, ns string, ic kube.IngressConfig) error
CleanCertManagerResources removed the cert-manager resources from the given namespaces
func CleanCerts ¶
func CleanCerts(client kubernetes.Interface, certclient certclient.Interface, ns string, filter []Certificate) error
CleanCerts removes the certs and their associated secrets which hold a TLS certificate issued by cert-manager
func CreateCertManagerResources ¶
func CreateCertManagerResources(certclient certclient.Interface, targetNamespace string, ic kube.IngressConfig) error
CreateCertManagerResources creates the cert-manager resources such as issuer in the target namespace
func CreateIssuer ¶
func CreateIssuer(certclient certclient.Interface, ns string, ic kube.IngressConfig) error
CreateIssuer creates a cert-manager issuer according with the ingress configuration
func WaitCertificateExists ¶
func WaitCertificateExists(client certclient.Interface, name string, ns string, timeout time.Duration) error
WaitCertificateExists waits until the timeout for the certificate with the provided name to be available in the certificates list
func WaitCertificateIssuedReady ¶
func WaitCertificateIssuedReady(client certclient.Interface, name string, ns string, timeout time.Duration) error
WaitCertificateIssuedReady wait for a certificate issued by cert-manager until is ready or the timeout is reached
func WatchCertificatesIssuedReady ¶
func WatchCertificatesIssuedReady(ctx context.Context, client certclient.Interface, ns string) (<-chan Certificate, error)
WatchCertificatesIssuedReady starts watching for ready certificate in the given namespace. If the namespace is empty, it will watch the entire cluster. The caller can stop watching by cancelling the context.
Types ¶
type Certificate ¶
type Certificate struct { // Name certificate name Name string //Namespace certificate namespace Namespace string }
Certificate keeps some information related to a certificate issued by cert-manager
func GetIssuedReadyCertificates ¶
func GetIssuedReadyCertificates(client certclient.Interface, ns string) ([]Certificate, error)
GetIssuedReadyCertificates returns the current ready certificates in the given namespace
func ToCertificates ¶
func ToCertificates(services []*v1.Service) []Certificate
ToCertificates converts a list of services into a list of certificates. The certificate name is built from the application label of the service.
func (Certificate) String ¶
func (c Certificate) String() string
String returns the certificate information in a string format