signer

package
v0.0.0-...-4ce35ca Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 1, 2024 License: Apache-2.0 Imports: 29 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Add 

func Add(mgr manager.Manager, status *statusmanager.StatusManager, _ cnoclient.Client) error

Add controller and start it when the Manager is started.

Types

type ReconcileCSR 

type ReconcileCSR struct {
	// contains filtered or unexported fields
}

ReconcileCSR reconciles a cluster CertificateSigningRequest object. This will watch for changes to CertificateSigningRequest resources with SignerName == signerName. It will automatically approve these requests for signing. This assumes that the cluster has been configured in a way that no bad actors can make certificate signing requests. In future, we may decide to implement a scheme that would use a one-time token to validate a request.

All requests will be signed using a CA, that is currently generated by the OperatorPKI, and the signed certificate will be returned in the status.

This allows clients to get a signed certificate while maintaining private key confidentiality.

func (*ReconcileCSR) Reconcile 

func (r *ReconcileCSR) Reconcile(ctx context.Context, request reconcile.Request) (reconcile.Result, error)

Reconcile CSR

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.