policies

package

v0.16.1 Latest Latest Go to latest Published: Aug 7, 2020 License: Apache-2.0 Imports: 15 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/jetstack/cert-manager

Links

Open Source Insights

Documentation ¶

Index ¶

func CurrentCertificateHasExpired(input Input) (string, string, bool)
func CurrentCertificateRequestValidForSpec(input Input) (string, string, bool)
func SecretDoesNotExist(input Input) (string, string, bool)
func SecretHasData(input Input) (string, string, bool)
func SecretHasUpToDateIssuerAnnotations(input Input) (string, string, bool)
func SecretPrivateKeyMatchesSpec(input Input) (string, string, bool)
func SecretPublicKeysMatch(input Input) (string, string, bool)
type Chain
- func NewTriggerPolicyChain(c clock.Clock) Chain
- func (c Chain) Evaluate(input Input) (string, string, bool)
type Func
- func CurrentCertificateNearingExpiry(c clock.Clock) Func
type Gatherer
- func (g *Gatherer) DataForCertificate(ctx context.Context, crt *cmapi.Certificate) (Input, error)
type Input

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func CurrentCertificateHasExpired ¶

func CurrentCertificateHasExpired(input Input) (string, string, bool)

CurrentCertificateHasExpired is used exclusively to check if the current issued certificate has actually expired rather than just nearing expiry.

func CurrentCertificateRequestValidForSpec ¶

func CurrentCertificateRequestValidForSpec(input Input) (string, string, bool)

func SecretDoesNotExist ¶

func SecretDoesNotExist(input Input) (string, string, bool)

func SecretHasData ¶

func SecretHasData(input Input) (string, string, bool)

func SecretHasUpToDateIssuerAnnotations ¶

func SecretHasUpToDateIssuerAnnotations(input Input) (string, string, bool)

func SecretPrivateKeyMatchesSpec ¶

func SecretPrivateKeyMatchesSpec(input Input) (string, string, bool)

func SecretPublicKeysMatch ¶

func SecretPublicKeysMatch(input Input) (string, string, bool)

Types ¶

type Chain ¶

type Chain []Func

A chain of PolicyFuncs to be evaluated in order.

func NewTriggerPolicyChain ¶

func NewTriggerPolicyChain(c clock.Clock) Chain

func (Chain) Evaluate ¶

func (c Chain) Evaluate(input Input) (string, string, bool)

Evaluate will evaluate the entire policy chain using the provided input. As soon as a policy function indicates a re-issuance is required, the method will return and not evaluate the rest of the chain.

type Func ¶

type Func func(Input) (reason, message string, reissue bool)

A Func evaluates the given input data and decides whether a re-issuance is required, returning additional human readable information in the 'reason' and 'message' return parameters if so.

func CurrentCertificateNearingExpiry ¶

func CurrentCertificateNearingExpiry(c clock.Clock) Func

type Gatherer ¶

type Gatherer struct {
	CertificateRequestLister cmlisters.CertificateRequestLister
	SecretLister             corelisters.SecretLister
}

Gatherer is used to gather data about a Certificate in order to evaluate its current readiness/state by applying policy functions to it.

func (*Gatherer) DataForCertificate ¶

func (g *Gatherer) DataForCertificate(ctx context.Context, crt *cmapi.Certificate) (Input, error)

type Input ¶

type Input struct {
	Certificate            *cmapi.Certificate
	CurrentRevisionRequest *cmapi.CertificateRequest
	Secret                 *corev1.Secret
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL