Documentation

Index

Constants

const (
	// IssuerACME is the name of the ACME issuer
	IssuerACME string = "acme"
	// IssuerCA is the name of the simple issuer
	IssuerCA string = "ca"
	// IssuerVault is the name of the Vault issuer
	IssuerVault string = "vault"
	// IssuerSelfSigned is a self signing issuer
	IssuerSelfSigned string = "selfsigned"
	// IssuerVenafi uses Venafi Trust Protection Platform and Venafi Cloud
	IssuerVenafi string = "venafi"
)

Variables

var Clock clock.Clock = clock.RealClock{}

Clock is defined as a package var so it can be stubbed out during tests.


Functions

func CertificateHasCondition

func CertificateHasCondition(crt *cmapi.Certificate, c cmapi.CertificateCondition) bool

CertificateHasCondition will return true if the given Certificate has a condition matching the provided CertificateCondition. Only the Type and Status field will be used in the comparison, meaning that this function will return 'true' even if the Reason, Message and LastTransitionTime fields do not match.

func CertificateRequestHasCondition

func CertificateRequestHasCondition(cr *cmapi.CertificateRequest, c cmapi.CertificateRequestCondition) bool

CertificateRequestHasCondition will return true if the given CertificateRequest has a condition matching the provided CertificateRequestCondition. Only the Type and Status field will be used in the comparison, meaning that this function will return 'true' even if the Reason, Message and LastTransitionTime fields do not match.

func CertificateRequestHasInvalidRequest

func CertificateRequestHasInvalidRequest(cr *cmapi.CertificateRequest) bool

This returns with true if the CertificateRequest contains an InvalidRequest condition, and returns false otherwise.

func CertificateRequestInvalidRequestMessage

func CertificateRequestInvalidRequestMessage(cr *cmapi.CertificateRequest) string

This returns with the message if the CertificateRequest contains an InvalidRequest condition, and returns "" otherwise.

func CertificateRequestReadyReason

func CertificateRequestReadyReason(cr *cmapi.CertificateRequest) string

This returns the status reason of a CertificateRequest. The order of reason hierarchy is 'Failed' -> 'Ready' -> 'Pending' -> ''

func ComputeCertificateRequestName

func ComputeCertificateRequestName(crt *cmapi.Certificate) (string, error)

func DefaultCertDuration

func DefaultCertDuration(d *metav1.Duration) time.Duration

func ExtKeyUsageStrings

func ExtKeyUsageStrings(usage []x509.ExtKeyUsage) []cmapi.KeyUsage

ExtKeyUsageStrings returns the cmapi.KeyUsage and "unknown" if not found

func ExtKeyUsageType

func ExtKeyUsageType(usage cmapi.KeyUsage) (x509.ExtKeyUsage, bool)

ExtKeyUsageType returns the relevant x509.ExtKeyUsage or false if not found

func GetCertificateCondition

func GetCertificateCondition(crt *cmapi.Certificate, conditionType cmapi.CertificateConditionType) *cmapi.CertificateCondition

func IssuerHasCondition

func IssuerHasCondition(i cmapi.GenericIssuer, c cmapi.IssuerCondition) bool

IssuerHasCondition will return true if the given GenericIssuer has a condition matching the provided IssuerCondition. Only the Type and Status field will be used in the comparison, meaning that this function will return 'true' even if the Reason, Message and LastTransitionTime fields do not match.

func IssuerKind

func IssuerKind(ref cmmeta.ObjectReference) string

issuerKind returns the kind of issuer for a certificate

func KeyUsageStrings

func KeyUsageStrings(usage x509.KeyUsage) []cmapi.KeyUsage

KeyUsageStrings returns the cmapi.KeyUsage and "unknown" if not found

func KeyUsageType

func KeyUsageType(usage cmapi.KeyUsage) (x509.KeyUsage, bool)

KeyUsageType returns the relevant x509.KeyUsage or false if not found

func NameForIssuer

func NameForIssuer(i cmapi.GenericIssuer) (string, error)

NameForIssuer determines the name of the Issuer implementation given an Issuer resource.

func RemoveCertificateCondition

func RemoveCertificateCondition(crt *cmapi.Certificate, conditionType cmapi.CertificateConditionType)

RemoteCertificateCondition will remove any condition with this condition type

func SetCertificateCondition

func SetCertificateCondition(crt *cmapi.Certificate, conditionType cmapi.CertificateConditionType, status cmmeta.ConditionStatus, reason, message string)

SetCertificateCondition will set a 'condition' on the given Certificate. - If no condition of the same type already exists, the condition will be

inserted with the LastTransitionTime set to the current time.

- If a condition of the same type and state already exists, the condition

will be updated but the LastTransitionTime will not be modified.

- If a condition of the same type and different state already exists, the

condition will be updated and the LastTransitionTime set to the current
time.

func SetCertificateRequestCondition

func SetCertificateRequestCondition(cr *cmapi.CertificateRequest, conditionType cmapi.CertificateRequestConditionType, status cmmeta.ConditionStatus, reason, message string)

SetCertificateRequestCondition will set a 'condition' on the given CertificateRequest. - If no condition of the same type already exists, the condition will be

inserted with the LastTransitionTime set to the current time.

- If a condition of the same type and state already exists, the condition

will be updated but the LastTransitionTime will not be modified.

- If a condition of the same type and different state already exists, the

condition will be updated and the LastTransitionTime set to the current
time.

func SetIssuerCondition

func SetIssuerCondition(i cmapi.GenericIssuer, conditionType cmapi.IssuerConditionType, status cmmeta.ConditionStatus, reason, message string)

SetIssuerCondition will set a 'condition' on the given GenericIssuer. - If no condition of the same type already exists, the condition will be

inserted with the LastTransitionTime set to the current time.

- If a condition of the same type and state already exists, the condition

will be updated but the LastTransitionTime will not be modified.

- If a condition of the same type and different state already exists, the

condition will be updated and the LastTransitionTime set to the current
time.

This function works with both Issuer and ClusterIssuer resources.

Types

This section is empty.