Documentation

Overview

Package certificates implements an abstract controller that is useful for building controllers that manage CSRs

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetCertApprovalCondition

func GetCertApprovalCondition(status *certificates.CertificateSigningRequestStatus) (approved bool, denied bool)

func HasTrueCondition

func HasTrueCondition(csr *certificates.CertificateSigningRequest, conditionType certificates.RequestConditionType) bool

HasCondition returns true if the csr contains a condition of the specified type with a status that is set to True or is empty

func IgnorableError

func IgnorableError(s string, args ...interface{}) ignorableError

IgnorableError returns an error that we shouldn't handle (i.e. log) because it's spammy and usually user error. Instead we will log these errors at a higher log level. We still need to throw these errors to signal that the sync should be retried.

func IsCertificateRequestApproved

func IsCertificateRequestApproved(csr *certificates.CertificateSigningRequest) bool

IsCertificateRequestApproved returns true if a certificate request has the "Approved" condition and no "Denied" conditions; false otherwise.

Types

type CertificateController

type CertificateController struct {
	// contains filtered or unexported fields
}

func (*CertificateController) Run

func (cc *CertificateController) Run(workers int, stopCh <-chan struct{})

Run the main goroutine responsible for watching and syncing jobs.

Directories

Path Synopsis
approver Package approver implements an automated approver for kubelet certificates.
authority
cleaner Package cleaner implements an automated cleaner that does garbage collection on CSRs that meet specific criteria.
rootcacertpublisher
signer Package signer implements a CA signer that uses keys stored on local disk.
signer/config
signer/config/v1alpha1