certmanager

package module
v0.0.0-...-fcb0882 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 25, 2024 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// RootCAIssuerPublicLabel for public RootCA to issue public TLS Certs
	RootCAIssuerPublicLabel = "osp-rootca-issuer-public"
	// RootCAIssuerInternalLabel for internal RootCA to issue internal TLS Certs
	RootCAIssuerInternalLabel = "osp-rootca-issuer-internal"
	// RootCAIssuerOvnDBLabel for internal RootCA to issue OVN TLS Certs
	RootCAIssuerOvnDBLabel = "osp-rootca-issuer-ovn"
	// RootCAIssuerLibvirtLabel for internal RootCA to issue libvirt TLS Certs
	RootCAIssuerLibvirtLabel = "osp-rootca-issuer-libvirt"
)

Variables

This section is empty.

Functions

func CAIssuer 

func CAIssuer(
	name string,
	namespace string,
	labels map[string]string,
	secretName string,
) *certmgrv1.Issuer

CAIssuer returns an CA issuer.

func Cert 

func Cert(
	name string,
	namespace string,
	labels map[string]string,
	spec certmgrv1.CertificateSpec,
) *certmgrv1.Certificate

Cert returns an initialized certificate request obj. minimal spec should be: Spec: 

dnsNames:
- keystone-public-openstack.apps-crc.testing
issuerRef:
   kind: Issuer
   name: osp-rootca-issuer
secretName: keystone-public-cert

func EnsureCert 

func EnsureCert(
	ctx context.Context,
	helper *helper.Helper,
	request CertificateRequest,
	owner client.Object,
) (*k8s_corev1.Secret, ctrl.Result, error)

EnsureCert - creates a certificate, ensures the sercret has the required key/cert and return the secret

func EnsureCertForServiceWithSelector 

func EnsureCertForServiceWithSelector(
	ctx context.Context,
	helper *helper.Helper,
	namespace string,
	selector map[string]string,
	issuer string,
	owner client.Object,
) (string, ctrl.Result, error)

EnsureCertForServiceWithSelector - creates certificate for a k8s service identified by a label selector. The label selector must match a single service Note: Returns an NotFound error if <1 or >1 service found using the selector

func EnsureCertForServicesWithSelector 

func EnsureCertForServicesWithSelector(
	ctx context.Context,
	helper *helper.Helper,
	namespace string,
	selector map[string]string,
	issuer string,
	owner client.Object,
) (map[string]string, ctrl.Result, error)

EnsureCertForServicesWithSelector - creates certificate for k8s services identified by a label selector

func GetIssuerByLabels 

func GetIssuerByLabels(
	ctx context.Context,
	h *helper.Helper,
	namespace string,
	labelSelector map[string]string,
) (*certmgrv1.Issuer, error)

GetIssuerByLabels - get certmanager issuer by label

func GetIssuerByName 

func GetIssuerByName(
	ctx context.Context,
	h *helper.Helper,
	name string,
	namespace string,
) (*certmgrv1.Issuer, error)

GetIssuerByName - get certmanager issuer by name

func SelfSignedIssuer 

func SelfSignedIssuer(
	name string,
	namespace string,
	labels map[string]string,
) *certmgrv1.Issuer

SelfSignedIssuer returns a self signed issuer.

Types

type Certificate 

type Certificate struct {
	// contains filtered or unexported fields
}

Certificate -

func NewCertificate 

func NewCertificate(
	certificate *certmgrv1.Certificate,
	timeout time.Duration,
) *Certificate

NewCertificate returns an initialized Certificate.

func (*Certificate) CreateOrPatch 

func (c *Certificate) CreateOrPatch(
	ctx context.Context,
	h *helper.Helper,
	owner client.Object,
) (ctrl.Result, error)

CreateOrPatch - creates or patches a certificate, reconciles after Xs if object won't exist.

func (*Certificate) Delete 

func (c *Certificate) Delete(
	ctx context.Context,
	h *helper.Helper,
) error

Delete - delete a certificate.

type CertificateRequest 

type CertificateRequest struct {
	IssuerName  string
	CertName    string
	CommonName  *string
	Duration    *time.Duration
	RenewBefore *time.Duration
	Hostnames   []string
	Ips         []string
	Annotations map[string]string
	Labels      map[string]string
	Usages      []certmgrv1.KeyUsage
	Subject     *certmgrv1.X509Subject
}

CertificateRequest -

type Issuer 

type Issuer struct {
	// contains filtered or unexported fields
}

Issuer -

func NewIssuer 

func NewIssuer(
	issuer *certmgrv1.Issuer,
	timeout time.Duration,
) *Issuer

NewIssuer returns an initialized Issuer.

func (*Issuer) CreateOrPatch 

func (i *Issuer) CreateOrPatch(
	ctx context.Context,
	h *helper.Helper,
) (ctrl.Result, error)

CreateOrPatch - creates or patches a issuer, reconciles after Xs if object won't exist.

func (*Issuer) Delete 

func (i *Issuer) Delete(
	ctx context.Context,
	h *helper.Helper,
) error

Delete - delete an issuer.

Source Files

View all Source files

Directories

Path Synopsis
test
helpers

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.