Documentation ¶
Index ¶
- Constants
- func CAIssuer(name string, namespace string, labels map[string]string, secretName string) *certmgrv1.Issuer
- func Cert(name string, namespace string, labels map[string]string, ...) *certmgrv1.Certificate
- func EnsureCert(ctx context.Context, helper *helper.Helper, request CertificateRequest, ...) (*k8s_corev1.Secret, ctrl.Result, error)
- func EnsureCertForServiceWithSelector(ctx context.Context, helper *helper.Helper, namespace string, ...) (string, ctrl.Result, error)
- func EnsureCertForServicesWithSelector(ctx context.Context, helper *helper.Helper, namespace string, ...) (map[string]string, ctrl.Result, error)
- func GetIssuerByLabels(ctx context.Context, h *helper.Helper, namespace string, ...) (*certmgrv1.Issuer, error)
- func GetIssuerByName(ctx context.Context, h *helper.Helper, name string, namespace string) (*certmgrv1.Issuer, error)
- func SelfSignedIssuer(name string, namespace string, labels map[string]string) *certmgrv1.Issuer
- type Certificate
- type CertificateRequest
- type Issuer
Constants ¶
const ( // RootCAIssuerPublicLabel for public RootCA to issue public TLS Certs RootCAIssuerPublicLabel = "osp-rootca-issuer-public" // RootCAIssuerInternalLabel for internal RootCA to issue internal TLS Certs RootCAIssuerInternalLabel = "osp-rootca-issuer-internal" // RootCAIssuerOvnDBLabel for internal RootCA to issue OVN TLS Certs RootCAIssuerOvnDBLabel = "osp-rootca-issuer-ovn" // RootCAIssuerLibvirtLabel for internal RootCA to issue libvirt TLS Certs RootCAIssuerLibvirtLabel = "osp-rootca-issuer-libvirt" )
Variables ¶
This section is empty.
Functions ¶
func CAIssuer ¶
func CAIssuer( name string, namespace string, labels map[string]string, secretName string, ) *certmgrv1.Issuer
CAIssuer returns an CA issuer.
func Cert ¶
func Cert( name string, namespace string, labels map[string]string, spec certmgrv1.CertificateSpec, ) *certmgrv1.Certificate
Cert returns an initialized certificate request obj. minimal spec should be: Spec:
dnsNames: - keystone-public-openstack.apps-crc.testing issuerRef: kind: Issuer name: osp-rootca-issuer secretName: keystone-public-cert
func EnsureCert ¶
func EnsureCert( ctx context.Context, helper *helper.Helper, request CertificateRequest, owner client.Object, ) (*k8s_corev1.Secret, ctrl.Result, error)
EnsureCert - creates a certificate, ensures the sercret has the required key/cert and return the secret
func EnsureCertForServiceWithSelector ¶
func EnsureCertForServiceWithSelector( ctx context.Context, helper *helper.Helper, namespace string, selector map[string]string, issuer string, owner client.Object, ) (string, ctrl.Result, error)
EnsureCertForServiceWithSelector - creates certificate for a k8s service identified by a label selector. The label selector must match a single service Note: Returns an NotFound error if <1 or >1 service found using the selector
func EnsureCertForServicesWithSelector ¶
func EnsureCertForServicesWithSelector( ctx context.Context, helper *helper.Helper, namespace string, selector map[string]string, issuer string, owner client.Object, ) (map[string]string, ctrl.Result, error)
EnsureCertForServicesWithSelector - creates certificate for k8s services identified by a label selector
func GetIssuerByLabels ¶
func GetIssuerByLabels( ctx context.Context, h *helper.Helper, namespace string, labelSelector map[string]string, ) (*certmgrv1.Issuer, error)
GetIssuerByLabels - get certmanager issuer by label
Types ¶
type Certificate ¶
type Certificate struct {
// contains filtered or unexported fields
}
Certificate -
func NewCertificate ¶
func NewCertificate( certificate *certmgrv1.Certificate, timeout time.Duration, ) *Certificate
NewCertificate returns an initialized Certificate.
type CertificateRequest ¶
type CertificateRequest struct { IssuerName string CertName string CommonName *string Duration *time.Duration RenewBefore *time.Duration Hostnames []string Ips []string Annotations map[string]string Labels map[string]string Usages []certmgrv1.KeyUsage Subject *certmgrv1.X509Subject }
CertificateRequest -