import "github.com/giantswarm/certs"
error.go files.go k8s.go searcher.go spec.go types.go
const ( // DefaultWatchTimeout is the time to wait on watches against the Kubernetes // API before giving up and throwing an error. DefaultWatchTimeout = 90 * time.Second )
const (
SecretNamespace = "default"
)
These constants are used when filtering the secrets, to only retrieve the ones we are interested in.
var AllCerts = []Cert{ APICert, AppOperatorAPICert, CalicoEtcdClientCert, ClusterOperatorAPICert, EtcdCert, FlanneldEtcdClientCert, InternalAPICert, NodeOperatorCert, PrometheusCert, ServiceAccountCert, WorkerCert, }
AllCerts lists all certificates that can be created by cert-operator.
K8sLabels returns labels for the Kubernetes object for the certificate name and the guest cluster ID.
K8sName returns Kubernetes object name for the certificate name and the guest cluster ID.
Cert is a certificate name.
const ( APICert Cert = "api" AppOperatorAPICert Cert = "app-operator-api" CalicoEtcdClientCert Cert = "calico-etcd-client" ClusterOperatorAPICert Cert = "cluster-operator-api" EtcdCert Cert = "etcd" FlanneldEtcdClientCert Cert = "flanneld-etcd-client" InternalAPICert Cert = "internal-api" NodeOperatorCert Cert = "node-operator" PrometheusCert Cert = "prometheus" ServiceAccountCert Cert = "service-account" WorkerCert Cert = "worker" )
These constants used as Cert parsing a secret received from the API.
type Cluster struct { APIServer TLS CalicoEtcdClient TLS EtcdServer TLS ServiceAccount TLS Worker TLS }
type Config struct { K8sClient kubernetes.Interface Logger micrologger.Logger WatchTimeout time.Duration }
type Interface interface { // SearchAppOperator searches for secrets containing TLS certs // for managed catalogue service. SearchAppOperator(clusterID string) (AppOperator, error) // SearchCluster searches for secrets containing TLS certs for guest // clusters components. SearchCluster(clusterID string) (Cluster, error) // SearchClusterOperator searches for secrets containing TLS certs for // connecting to guest clusters. SearchClusterOperator(clusterID string) (ClusterOperator, error) // SearchDraining searches for secrets containing TLS certs for // draining nodes in guest clusters. SearchDraining(clusterID string) (Draining, error) // SearchMonitoring searches for secrets containing TLS certs for // monitoring guest clusters. SearchMonitoring(clusterID string) (Monitoring, error) // SearchTLS provides a dedicated way to lookup a single TLS asset for one // specific purpose. This might be used for e.g. granting guest cluster // access within operators. SearchTLS(clusterID string, cert Cert) (TLS, error) }
type Searcher struct {
// contains filtered or unexported fields
}
func (s *Searcher) SearchAppOperator(clusterID string) (AppOperator, error)
func (s *Searcher) SearchClusterOperator(clusterID string) (ClusterOperator, error)
func (s *Searcher) SearchMonitoring(clusterID string) (Monitoring, error)
Path | Synopsis |
---|---|
certstest |
Package certs imports 11 packages (graph) and is imported by 85 packages. Updated 2019-12-07. Refresh now. Tools for package owners.