connectivity-certs-controller/

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

README ¶

Connectivity Certs Controller

Overview

The Connectivity Certs Controller fetches the client certificate and the root CA from the central Connector Service and saves them to Secrets.

Fetching certificates

The Controller acts on to CertificateRequest custom resource (CR). It requires the csrInfoUrl field.

To create the CR, run:

cat <<EOF | kubectl apply -f -
apiVersion: applicationconnector.kyma-project.io/v1alpha1
kind: CertificateRequest
metadata:
  name: certificate-request
spec:
  csrInfoUrl: "{CSR_INFO_URL_WITH_TOKEN}"
EOF

After a successful exchange of certificates, the controller creates new Secrets or modifies the existing ones that correspond to the updated certificates. The CertificateRequest CR is deleted.

Troubleshooting

If there's an error in the process of fetching the certificates or saving them to Secrets, the CertificateRequest CR is not deleted. Instead, the controller adds the error section that contains a detailed error message to the CR.

To get the error message, run:

kubectl get certificaterequests.applicationconnector.kyma-project.io {CERT_REQUEST_NAME} -o jsonpath={.status.error}

Directories ¶

Path	Synopsis
cmd
connectivitycertscontroller
internal
certificates
certificates/mocks Code generated by mockery v1.0.0.	Code generated by mockery v1.0.0.
connectorservice
connectorservice/mocks Code generated by mockery v1.0.0.	Code generated by mockery v1.0.0.
controller/certificaterequest
controller/certificaterequest/mocks Code generated by mockery v1.0.0.	Code generated by mockery v1.0.0.
secrets
secrets/mocks Code generated by mockery v1.0.0.	Code generated by mockery v1.0.0.
pkg
apis Package apis contains Kubernetes API groups.	Package apis contains Kubernetes API groups.
apis/applicationconnector/v1alpha1 +groupName=applicationconnector.kyma-project.io	+groupName=applicationconnector.kyma-project.io
client/clientset/versioned This package has the automatically generated clientset.	This package has the automatically generated clientset.
client/clientset/versioned/fake This package has the automatically generated fake clientset.	This package has the automatically generated fake clientset.
client/clientset/versioned/scheme This package contains the scheme of the automatically generated clientset.	This package contains the scheme of the automatically generated clientset.
client/clientset/versioned/typed/applicationconnector/v1alpha1 This package has the automatically generated typed clients.	This package has the automatically generated typed clients.
client/clientset/versioned/typed/applicationconnector/v1alpha1/fake Package fake has the automatically generated clients.	Package fake has the automatically generated clients.
client/informers/externalversions
client/informers/externalversions/applicationconnector
client/informers/externalversions/applicationconnector/v1alpha1
client/informers/externalversions/internalinterfaces
client/listers/applicationconnector/v1alpha1

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL