Documentation

Overview

    Package certgen contains the code that handles the `certgen` subcommand for the main `contour` binary.

    Index

    Constants

    View Source
    const (
    	// CACertificateKey is the dictionary key for the CA certificate bundle.
    	CACertificateKey = "cacert.pem"
    	// ContourCertificateKey is the dictionary key for the Contour certificate.
    	ContourCertificateKey = "contourcert.pem"
    	// ContourPrivateKeyKey is the dictionary key for the Contour private key.
    	ContourPrivateKeyKey = "contourkey.pem"
    	// EnvoyCertificateKey is the dictionary key for the Envoy certificate.
    	EnvoyCertificateKey = "envoycert.pem"
    	// EnvoyPrivateKeyKey is the dictionary key for the Envoy private key.
    	EnvoyPrivateKeyKey = "envoykey.pem"
    )

    Variables

    This section is empty.

    Functions

    func AsLegacySecrets

    func AsLegacySecrets(namespace string, certdata *certs.Certificates) []*corev1.Secret

      AsLegacySecrets transforms the given Certificates struct into a slice of Secrets that is compatible with certgen from contour 1.4 and earlier. The difference is that the CA cert is in a separate secret, rather than duplicated inline in each TLS secrets.

      func AsSecrets

      func AsSecrets(namespace string, certdata *certs.Certificates) []*corev1.Secret

        AsSecrets transforms the given Certificates struct into a slice of Secrets in in compact Secret format, which is compatible with both cert-manager and Contour.

        func WriteCertsPEM

        func WriteCertsPEM(outputDir string, certdata *certs.Certificates, force OverwritePolicy) error

          WriteCertsPEM writes out all the certs in certdata to individual PEM files in outputDir

          func WriteSecretsKube

          func WriteSecretsKube(client *kubernetes.Clientset, secrets []*corev1.Secret, force OverwritePolicy) error

            WriteSecretsKube writes all the keypairs out to Kubernetes Secrets in the compact format which is compatible with Secrets generated by cert-manager.

            func WriteSecretsYAML

            func WriteSecretsYAML(outputDir string, secrets []*corev1.Secret, force OverwritePolicy) error

              WriteSecretsYAML writes all the keypairs out to Kubernetes Secrets in YAML form in outputDir.

              Types

              type OverwritePolicy

              type OverwritePolicy int

                OverwritePolicy specifies whether an output should be overwritten.

                const (
                	// NoOverwrite specifies outputs must not be overwritten.
                	NoOverwrite OverwritePolicy = 0
                	// Overwrite specifies outputs may be overwritten.
                	Overwrite OverwritePolicy = 1
                )