certificate

package

v25.8.3 Latest Latest Go to latest Published: Aug 8, 2025 License: MIT Imports: 24 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/mariadb-operator/mariadb-operator

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
type CertHandler
type CertReconciler
- func NewCertReconciler(client client.Client, scheme *runtime.Scheme, recorder record.EventRecorder, ...) *CertReconciler
- func (r *CertReconciler) Reconcile(ctx context.Context, certOpts ...CertReconcilerOpt) (*ReconcileResult, error)
type CertReconcilerOpt
type CertReconcilerOpts
- func NewDefaultCertificateOpts() *CertReconcilerOpts
type DefaultCertHandler
- func (h *DefaultCertHandler) HandleExpiredCert(ctx context.Context) error
- func (h *DefaultCertHandler) ShouldRenewCert(ctx context.Context, caKeyPair *pki.KeyPair) (shouldRenew bool, reason string, err error)
type ReconcileResult
- func (r *ReconcileResult) IsZero() bool
type RelatedObject
type SecretType

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrSkipCertRenewal = errors.New("skipping certificate renewal")
)

Functions ¶

This section is empty.

Types ¶

type CertHandler ¶

type CertHandler interface {
	ShouldRenewCert(ctx context.Context, caKeyPair *pki.KeyPair) (shouldRenew bool, reason string, err error)
	HandleExpiredCert(ctx context.Context) error
}

type CertReconciler ¶

type CertReconciler struct {
	client.Client
	// contains filtered or unexported fields
}

func NewCertReconciler ¶

func NewCertReconciler(client client.Client, scheme *runtime.Scheme, recorder record.EventRecorder,
	discovery *discovery.Discovery, builder *builder.Builder) *CertReconciler

func (*CertReconciler) Reconcile ¶

func (r *CertReconciler) Reconcile(ctx context.Context, certOpts ...CertReconcilerOpt) (*ReconcileResult, error)

type CertReconcilerOpt ¶

type CertReconcilerOpt func(*CertReconcilerOpts)

func WithCA ¶

func WithCA(shouldIssue bool, secretKey types.NamespacedName) CertReconcilerOpt

func WithCABundle ¶

func WithCABundle(secretKey mariadbv1alpha1.SecretKeySelector, namespace string) CertReconcilerOpt

func WithCACommonName ¶

func WithCACommonName(commonName string) CertReconcilerOpt

func WithCALifetime ¶

func WithCALifetime(lifetime time.Duration) CertReconcilerOpt

func WithCASecretType ¶

func WithCASecretType(secretType SecretType) CertReconcilerOpt

func WithCert ¶

func WithCert(shouldIssue bool, secretKey types.NamespacedName, dnsNames []string) CertReconcilerOpt

func WithCertExtKeyUsage ¶

func WithCertExtKeyUsage(extKeyUsage ...x509.ExtKeyUsage) CertReconcilerOpt

func WithCertHandler ¶

func WithCertHandler(certHandler CertHandler) CertReconcilerOpt

func WithCertIssuerRef ¶

func WithCertIssuerRef(issuerRef *cmmeta.ObjectReference) CertReconcilerOpt

func WithCertKeyUsage ¶

func WithCertKeyUsage(keyUsage x509.KeyUsage) CertReconcilerOpt

func WithCertLifetime ¶

func WithCertLifetime(lifetime time.Duration) CertReconcilerOpt

func WithClientCertKeyUsage ¶

func WithClientCertKeyUsage() CertReconcilerOpt

func WithRelatedObject ¶

func WithRelatedObject(obj RelatedObject) CertReconcilerOpt

func WithRenewBeforePercentage ¶

func WithRenewBeforePercentage(percentage int32) CertReconcilerOpt

func WithServerCertKeyUsage ¶

func WithServerCertKeyUsage() CertReconcilerOpt

func WithSupportedPrivateKeys ¶

func WithSupportedPrivateKeys(privateKeys ...pki.PrivateKey) CertReconcilerOpt

type CertReconcilerOpts ¶

type CertReconcilerOpts struct {
	// contains filtered or unexported fields
}

func NewDefaultCertificateOpts ¶

func NewDefaultCertificateOpts() *CertReconcilerOpts

func (*CertReconcilerOpts) CAx509Opts ¶

func (o *CertReconcilerOpts) CAx509Opts() ([]pki.X509Opt, error)

func (*CertReconcilerOpts) Certx509Opts ¶

func (o *CertReconcilerOpts) Certx509Opts() ([]pki.X509Opt, error)

func (*CertReconcilerOpts) KeyPairOpts ¶

func (o *CertReconcilerOpts) KeyPairOpts() []pki.KeyPairOpt

type DefaultCertHandler ¶

type DefaultCertHandler struct{}

func (*DefaultCertHandler) HandleExpiredCert ¶

func (h *DefaultCertHandler) HandleExpiredCert(ctx context.Context) error

func (*DefaultCertHandler) ShouldRenewCert ¶

func (h *DefaultCertHandler) ShouldRenewCert(ctx context.Context, caKeyPair *pki.KeyPair) (shouldRenew bool, reason string, err error)

type ReconcileResult ¶

type ReconcileResult struct {
	ctrl.Result
	CAKeyPair   *pki.KeyPair
	CertKeyPair *pki.KeyPair
}

func (*ReconcileResult) IsZero ¶

func (r *ReconcileResult) IsZero() bool

type RelatedObject ¶

type RelatedObject interface {
	runtime.Object
	metav1.Object
}

type SecretType ¶

type SecretType int

const (
	SecretTypeCA SecretType = iota
	SecretTypeTLS
)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL