cert-manager: github.com/jetstack/cert-manager/pkg/acme/webhook/apis/acme/v1alpha1 Index | Files

package v1alpha1

import "github.com/jetstack/cert-manager/pkg/acme/webhook/apis/acme/v1alpha1"

Package v1alpha1 is the v1alpha1 version of the API. +groupName=webhook.acme.cert-manager.io

Index

Package Files

doc.go register.go types.go zz_generated.deepcopy.go

Variables

var (
    SchemeBuilder runtime.SchemeBuilder

    AddToScheme = localSchemeBuilder.AddToScheme
)
var SchemeGroupVersion = schema.GroupVersion{Group: acme.GroupName, Version: "v1alpha1"}

SchemeGroupVersion is group version used to register these objects

func Resource Uses

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group qualified GroupResource

type ChallengeAction Uses

type ChallengeAction string
const (
    ChallengeActionPresent ChallengeAction = "Present"
    ChallengeActionCleanUp ChallengeAction = "CleanUp"
)

type ChallengePayload Uses

type ChallengePayload struct {
    metav1.TypeMeta `json:",inline"`

    // Request describes the attributes for the ACME solver request
    // +optional
    Request *ChallengeRequest `json:"request,omitempty"`

    // Response describes the attributes for the ACME solver response
    // +optional
    Response *ChallengeResponse `json:"response,omitempty"`
}

ChallengePayload describes a request/response for presenting or cleaning up an ACME challenge resource

func (*ChallengePayload) DeepCopy Uses

func (in *ChallengePayload) DeepCopy() *ChallengePayload

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ChallengePayload.

func (*ChallengePayload) DeepCopyInto Uses

func (in *ChallengePayload) DeepCopyInto(out *ChallengePayload)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ChallengePayload) DeepCopyObject Uses

func (in *ChallengePayload) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ChallengeRequest Uses

type ChallengeRequest struct {
    // UID is an identifier for the individual request/response. It allows us to distinguish instances of requests which are
    // otherwise identical (parallel requests, requests when earlier requests did not modify etc)
    // The UID is meant to track the round trip (request/response) between the KAS and the WebHook, not the user request.
    // It is suitable for correlating log entries between the webhook and apiserver, for either auditing or debugging.
    UID types.UID `json:"uid"`

    // Action is one of 'present' or 'cleanup'.
    // If the action is 'present', the record will be presented with the
    // solving service.
    // If the action is 'cleanup', the record will be cleaned up with the
    // solving service.
    Action ChallengeAction `json:"action"`

    // Type is the type of ACME challenge.
    // Only dns-01 is currently supported.
    Type string `json:"type"`

    // DNSName is the name of the domain that is actually being validated, as
    // requested by the user on the Certificate resource.
    // This will be of the form 'example.com' from normal hostnames, and
    // '*.example.com' for wildcards.
    DNSName string `json:"dnsName"`

    // Key is the key that should be presented.
    // This key will already be signed by the account that owns the challenge.
    // For DNS01, this is the key that should be set for the TXT record for
    // ResolveFQDN.
    Key string `json:"key"`

    // ResourceNamespace is the namespace containing resources that are
    // referenced in the providers config.
    // If this request is solving for an Issuer resource, this will be the
    // namespace of the Issuer.
    // If this request is solving for a ClusterIssuer resource, this will be
    // the configured 'cluster resource namespace'
    ResourceNamespace string `json:"resourceNamespace"`

    // ResolvedFQDN is the fully-qualified domain name that should be
    // updated/presented after resolving all CNAMEs.
    // This should be honoured when using the DNS01 solver type.
    // This will be of the form '_acme-challenge.example.com.'.
    // +optional
    ResolvedFQDN string `json:"resolvedFQDN,omitempty"`

    // ResolvedZone is the zone encompassing the ResolvedFQDN.
    // This is included as part of the ChallengeRequest so that webhook
    // implementers do not need to implement their own SOA recursion logic.
    // This indicates the zone that the provided FQDN is encompassed within,
    // determined by performing SOA record queries for each part of the FQDN
    // until an authoritative zone is found.
    // This will be of the form 'example.com.'.
    ResolvedZone string `json:"resolvedZone,omitempty"`

    // AllowAmbientCredentials advises webhook implementations that they can
    // use 'ambient credentials' for authenticating with their respective
    // DNS provider services.
    // This field SHOULD be honoured by all DNS webhook implementations, but
    // in certain instances where it does not make sense to honour this option,
    // an implementation may ignore it.
    AllowAmbientCredentials bool `json:"allowAmbientCredentials"`

    // Config contains unstructured JSON configuration data that the webhook
    // implementation can unmarshal in order to fetch secrets or configure
    // connection details etc.
    // Secret values should not be passed in this field, in favour of
    // references to Kubernetes Secret resources that the webhook can fetch.
    // +optional
    Config *apiext.JSON `json:"config,omitempty"`
}

ChallengeRequest is a payload that can be sent to external ACME webhook solvers in order to 'Present' or 'CleanUp' a challenge with an ACME server.

func (*ChallengeRequest) DeepCopy Uses

func (in *ChallengeRequest) DeepCopy() *ChallengeRequest

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ChallengeRequest.

func (*ChallengeRequest) DeepCopyInto Uses

func (in *ChallengeRequest) DeepCopyInto(out *ChallengeRequest)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ChallengeResponse Uses

type ChallengeResponse struct {
    // UID is an identifier for the individual request/response.
    // This should be copied over from the corresponding ChallengeRequest.
    UID types.UID `json:"uid"`

    // Success will be set to true if the request action (i.e. presenting or
    // cleaning up) was successful.
    Success bool `json:"success"`

    // Result contains extra details into why a challenge request failed.
    // This field will be completely ignored if 'success' is true.
    // +optional
    Result *metav1.Status `json:"status,omitempty"`
}

func (*ChallengeResponse) DeepCopy Uses

func (in *ChallengeResponse) DeepCopy() *ChallengeResponse

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ChallengeResponse.

func (*ChallengeResponse) DeepCopyInto Uses

func (in *ChallengeResponse) DeepCopyInto(out *ChallengeResponse)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Package v1alpha1 imports 6 packages (graph) and is imported by 26 packages. Updated 2020-01-21. Refresh now. Tools for package owners.