Documentation ¶
Index ¶
- func GetDefaultKubeClient() (kubernetes.Interface, error)
- func GetDefaultRESTConfig() (*rest.Config, error)
- type CertificateKeyPair
- func (ckp *CertificateKeyPair) CopyFrom(c *CertificateKeyPair)
- func (ckp *CertificateKeyPair) GetCACertPem() []byte
- func (ckp *CertificateKeyPair) GetParsedCertificate() (*x509.Certificate, error)
- func (ckp *CertificateKeyPair) GetTLSCertificateChain() *tls.Certificate
- func (ckp *CertificateKeyPair) IsValid(d time.Duration) bool
- type TLSSecret
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetDefaultKubeClient ¶ added in v0.1.2
func GetDefaultKubeClient() (kubernetes.Interface, error)
func GetDefaultRESTConfig ¶ added in v0.1.4
Types ¶
type CertificateKeyPair ¶
type CertificateKeyPair struct { CertPem []byte KeyPem []byte // contains filtered or unexported fields }
func GenerateCert ¶
func GenerateCert(name string, dnsNames []string, parent *CertificateKeyPair, duration time.Duration) (*CertificateKeyPair, error)
func (*CertificateKeyPair) CopyFrom ¶
func (ckp *CertificateKeyPair) CopyFrom(c *CertificateKeyPair)
func (*CertificateKeyPair) GetCACertPem ¶
func (ckp *CertificateKeyPair) GetCACertPem() []byte
func (*CertificateKeyPair) GetParsedCertificate ¶
func (ckp *CertificateKeyPair) GetParsedCertificate() (*x509.Certificate, error)
func (*CertificateKeyPair) GetTLSCertificateChain ¶
func (ckp *CertificateKeyPair) GetTLSCertificateChain() *tls.Certificate
type TLSSecret ¶
type TLSSecret struct { // Explicitly provide a KubeClient to lookup a TLS secret and possibly generate // a certificate on-the-fly. If unset TLSSecret will try and get one // for you. ExplicitKubeClient kubernetes.Interface // The namespace for the certificate Namespace string // The name of the secret Name string // The name of the CA secret, defaults to Name-ca CAName string // If non-empty, persist an opaque secret with the public // CA certificate. This duplicates the CAName secret but // is missing the "tls.key" entry. CAPublicName string // The duration of the CA certifcate, defaults to 10 years CADuration time.Duration // The duration of the TLS certificate, defaults to 8 hours Duration time.Duration // The DNSNames of the certificate. If unset, then DNSNames will be Name, // Name.Namespace.svc, and Name.Namespace.svc.cluster.local (these values) // are appropriate for a service with the name "Name". DNSNames []string // Enable background refresh EnableBackgroundRefresh bool // The field manager for update and create operations FieldManager string // The cluster domain name. If unset, then "cluster.local" ClusterDomainName string // Custom log output Log func(string, ...interface{}) // contains filtered or unexported fields }
TLSSecret retrieves a TLS certificate from a kubernetes secret. If the secret doesn't exist, it will generate it.
func (*TLSSecret) GetCertificateKeyPair ¶
func (t *TLSSecret) GetCertificateKeyPair() (*CertificateKeyPair, error)
func (*TLSSecret) MustGetTLSConfig ¶
Click to show internal directories.
Click to hide internal directories.