gardener: github.com/gardener/gardener/pkg/gardenlet/bootstrap Index | Files

package bootstrap

import "github.com/gardener/gardener/pkg/gardenlet/bootstrap"

Index

Package Files

bootstrap.go

Constants

const GardenerSeedBootstrapper = "gardener.cloud:system:seed-bootstrapper"

GardenerSeedBootstrapper is a constant for the gardener seed bootstrapper name.

func BuildBootstrapperName Uses

func BuildBootstrapperName(name string) string

BuildBootstrapperName concatenates the gardener seed bootstrapper group with the given name, separated by a colon.

func DeleteBootstrapAuth Uses

func DeleteBootstrapAuth(ctx context.Context, c client.Client, csrName, seedName string) error

DeleteBootstrapAuth checks which authentication mechanism was used to request a certificate (either a bootstrap token or a service account token was used). If the latter is true then it also deletes the corresponding ClusterRoleBinding.

func MarshalKubeconfigWithClientCertificate Uses

func MarshalKubeconfigWithClientCertificate(config *rest.Config, privateKeyData, certDat []byte) ([]byte, error)

MarshalKubeconfigWithClientCertificate marshals the kubeconfig derived from the bootstrapping process.

func MarshalKubeconfigWithToken Uses

func MarshalKubeconfigWithToken(config *rest.Config, token string) ([]byte, error)

MarshalKubeconfigWithToken marshals the kubeconfig derived with the given bootstrap token.

func RequestCertificate Uses

func RequestCertificate(ctx context.Context, certificateClient certificatesv1beta1client.CertificateSigningRequestInterface, privateKeyData []byte, commonName string, organization []string) (certData []byte, csrName string, err error)

RequestCertificate will create a certificate signing request for a given organization and common name for the CSR will be set as expected for seed certificates) and send it to API server, then it will watch the object's status, once approved by API server, it will return the API server's issued certificate (pem-encoded). If there is any errors, or the watch timeouts, it will return an error.

func RequestSeedCertificate Uses

func RequestSeedCertificate(ctx context.Context, certificateClient certificatesv1beta1client.CertificateSigningRequestInterface, privateKeyData []byte, seedName string) (certData []byte, csrName string, err error)

RequestSeedCertificate will create a certificate signing request for a seed (Organization and CommonName for the CSR will be set as expected for seed certificates) and send it to API server, then it will watch the object's status, once approved by API server, it will return the API server's issued certificate (pem-encoded). If there is any errors, or the watch timeouts, it will return an error. This is intended for use on seeds (gardenlet).

Package bootstrap imports 25 packages (graph) and is imported by 1 packages. Updated 2020-02-20. Refresh now. Tools for package owners.