Documentation ¶
Index ¶
- Constants
- func DeDuplicateVolumeMounts(target, added []corev1.VolumeMount) []corev1.VolumeMount
- func DeDuplicateVolumes(target, added []corev1.Volume) []corev1.Volume
- func GetAnnotation(prefix string, name string) string
- func MergeVolumeMounts(target, added []corev1.VolumeMount) []corev1.VolumeMount
- func MergeVolumes(target, added []corev1.Volume) []corev1.Volume
- type CertificatePKIReloader
- func NewCertificatePKIReloader(certFilename, keyFilename string, refreshInterval time.Duration) *CertificatePKIReloader
- func NewCertificatePKIReloaderFull(fs afero.Fs, certFilename, keyFilename string, refreshInterval time.Duration) *CertificatePKIReloader
- func NewCertificatePKIReloaderFullWithErrHandler(fs afero.Fs, certFilename, keyFilename string, refreshInterval time.Duration, ...) *CertificatePKIReloader
- func NewCertificatePKIReloaderWithErrHandler(certFilename, keyFilename string, refreshInterval time.Duration, ...) *CertificatePKIReloader
- type CertificateReloader
- type FileError
- type TLSError
Constants ¶
const ( // TemplateLeftDelimiter is left delimeter for sidecar config TemplateLeftDelimiter = "{%" // TemplateRightDelimiter is right delimeter for sidecar config TemplateRightDelimiter = "%}" )
Variables ¶
This section is empty.
Functions ¶
func DeDuplicateVolumeMounts ¶
func DeDuplicateVolumeMounts(target, added []corev1.VolumeMount) []corev1.VolumeMount
DeDuplicateVolumeMounts returns all or some of added only if they do not already exist in target
func DeDuplicateVolumes ¶
DeDuplicateVolumes returns all or some of added only if they do not already exist in target
func GetAnnotation ¶
GetAnnotation formats a fully qualified annotation from a prefix and a name. For example, with prefix "annotation.io" and name "key", it returns "annotation.io/key".
func MergeVolumeMounts ¶
func MergeVolumeMounts(target, added []corev1.VolumeMount) []corev1.VolumeMount
MergeVolumeMounts merges target with added, but only if a Volume does not exist in target.
Types ¶
type CertificatePKIReloader ¶
type CertificatePKIReloader struct {
// contains filtered or unexported fields
}
func NewCertificatePKIReloader ¶
func NewCertificatePKIReloader(certFilename, keyFilename string, refreshInterval time.Duration) *CertificatePKIReloader
A simplified version of NewCertificatePKIReloaderFull where the fs is the OS fs by default
func NewCertificatePKIReloaderFull ¶
func NewCertificatePKIReloaderFull(fs afero.Fs, certFilename, keyFilename string, refreshInterval time.Duration) *CertificatePKIReloader
Creates a CertificateReloader based on the files and afero FS.
func NewCertificatePKIReloaderFullWithErrHandler ¶
func NewCertificatePKIReloaderFullWithErrHandler(fs afero.Fs, certFilename, keyFilename string, refreshInterval time.Duration, errHandler func(error)) *CertificatePKIReloader
Creates a CertificateReloader based on the files and afero FS. Calls the given error handler when there are problems reading the given files. The error passed to the handler will be a FileError, TLSError, or error. If errHandler is nil, the default behavior is to do nothing on error.
func NewCertificatePKIReloaderWithErrHandler ¶
func NewCertificatePKIReloaderWithErrHandler(certFilename, keyFilename string, refreshInterval time.Duration, errHandler func(error)) *CertificatePKIReloader
A simplified version of NewCertificatePKIReloaderFullWithErrHandler where the fs is the OS fs by default. Calls the given error handler when there are problems reading the given files. The error passed to the handler will be a FileError, TLSError, or error. If errHandler is nil, the default behavior is to do nothing on error.
func (*CertificatePKIReloader) GetCertificate ¶
func (r *CertificatePKIReloader) GetCertificate() (*tls.Certificate, error)
func (*CertificatePKIReloader) IsRunning ¶
func (r *CertificatePKIReloader) IsRunning() bool
func (*CertificatePKIReloader) Start ¶
func (r *CertificatePKIReloader) Start() error
func (*CertificatePKIReloader) Stop ¶
func (r *CertificatePKIReloader) Stop() chan struct{}
type CertificateReloader ¶
type CertificateReloader interface { Start() error // Start the monitoring of the key file Stop() chan struct{} // Stop the monitoring IsRunning() bool // Returns true if the reloader is running GetCertificate() (*tls.Certificate, error) // Returns the latest certs available and errors if latest cert has expired }
A tool to reload certificates automatically