Back to

Package policies

Latest Go to latest

The latest major version is .

Published: Aug 7, 2020 | License: Apache-2.0 | Module:


func CurrentCertificateHasExpired

func CurrentCertificateHasExpired(input Input) (string, string, bool)

CurrentCertificateHasExpired is used exclusively to check if the current issued certificate has actually expired rather than just nearing expiry.

func CurrentCertificateRequestValidForSpec

func CurrentCertificateRequestValidForSpec(input Input) (string, string, bool)

func SecretDoesNotExist

func SecretDoesNotExist(input Input) (string, string, bool)

func SecretHasData

func SecretHasData(input Input) (string, string, bool)

func SecretHasUpToDateIssuerAnnotations

func SecretHasUpToDateIssuerAnnotations(input Input) (string, string, bool)

func SecretPrivateKeyMatchesSpec

func SecretPrivateKeyMatchesSpec(input Input) (string, string, bool)

func SecretPublicKeysMatch

func SecretPublicKeysMatch(input Input) (string, string, bool)

type Chain

type Chain []Func

A chain of PolicyFuncs to be evaluated in order.

func NewTriggerPolicyChain

func NewTriggerPolicyChain(c clock.Clock) Chain

func (Chain) Evaluate

func (c Chain) Evaluate(input Input) (string, string, bool)

Evaluate will evaluate the entire policy chain using the provided input. As soon as a policy function indicates a re-issuance is required, the method will return and not evaluate the rest of the chain.

type Func

type Func func(Input) (reason, message string, reissue bool)

A Func evaluates the given input data and decides whether a re-issuance is required, returning additional human readable information in the 'reason' and 'message' return parameters if so.

func CurrentCertificateNearingExpiry

func CurrentCertificateNearingExpiry(c clock.Clock) Func

type Gatherer

type Gatherer struct {
	CertificateRequestLister cmlisters.CertificateRequestLister
	SecretLister             corelisters.SecretLister

Gatherer is used to gather data about a Certificate in order to evaluate its current readiness/state by applying policy functions to it.

func (*Gatherer) DataForCertificate

func (g *Gatherer) DataForCertificate(ctx context.Context, crt *cmapi.Certificate) (Input, error)

type Input

type Input struct {
	Certificate            *cmapi.Certificate
	CurrentRevisionRequest *cmapi.CertificateRequest
	Secret                 *corev1.Secret

Package Files

Documentation was rendered with GOOS=linux and GOARCH=amd64.

Jump to identifier

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to identifier