certgen

package
v0.0.0-...-a1fe31f Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 28, 2021 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Overview

Package certgen contains the code that handles the `certgen` subcommand for the main `sesame` binary.

Index

Constants

View Source
const (
	// CACertificateKey is the dictionary key for the CA certificate bundle.
	CACertificateKey = "cacert.pem"
	// SesameCertificateKey is the dictionary key for the Sesame certificate.
	SesameCertificateKey = "sesamecert.pem"
	// SesamePrivateKeyKey is the dictionary key for the Sesame private key.
	SesamePrivateKeyKey = "sesamekey.pem"
	// EnvoyCertificateKey is the dictionary key for the Envoy certificate.
	EnvoyCertificateKey = "envoycert.pem"
	// EnvoyPrivateKeyKey is the dictionary key for the Envoy private key.
	EnvoyPrivateKeyKey = "envoykey.pem"
)

Variables

This section is empty.

Functions

func AsLegacySecrets

func AsLegacySecrets(namespace string, certdata *certs.Certificates) []*corev1.Secret

AsLegacySecrets transforms the given Certificates struct into a slice of Secrets that is compatible with certgen from sesame 1.4 and earlier. The difference is that the CA cert is in a separate secret, rather than duplicated inline in each TLS secrets.

func AsSecrets

func AsSecrets(namespace string, certdata *certs.Certificates) []*corev1.Secret

AsSecrets transforms the given Certificates struct into a slice of Secrets in in compact Secret format, which is compatible with both cert-manager and Sesame.

func WriteCertsPEM

func WriteCertsPEM(outputDir string, certdata *certs.Certificates, force OverwritePolicy) error

WriteCertsPEM writes out all the certs in certdata to individual PEM files in outputDir

func WriteSecretsKube

func WriteSecretsKube(client *kubernetes.Clientset, secrets []*corev1.Secret, force OverwritePolicy) error

WriteSecretsKube writes all the keypairs out to Kubernetes Secrets in the compact format which is compatible with Secrets generated by cert-manager.

func WriteSecretsYAML

func WriteSecretsYAML(outputDir string, secrets []*corev1.Secret, force OverwritePolicy) error

WriteSecretsYAML writes all the keypairs out to Kubernetes Secrets in YAML form in outputDir.

Types

type OverwritePolicy

type OverwritePolicy int

OverwritePolicy specifies whether an output should be overwritten.

const (
	// NoOverwrite specifies outputs must not be overwritten.
	NoOverwrite OverwritePolicy = 0
	// Overwrite specifies outputs may be overwritten.
	Overwrite OverwritePolicy = 1
)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL