webhooks

package

v0.0.0-...-9331f55 Latest Latest Go to latest Published: Apr 15, 2023 License: Apache-2.0 Imports: 19 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/vmware-tanzu/tanzu-framework

Links

Open Source Insights

Documentation ¶

Overview ¶

Package webhooks implements provides utilities for managing and configuration k8s webhooks.

Package webhooks provides functions to manage webhook TLS certificates

Index ¶

Constants
func InstallCertificates(ctx context.Context, k8sConfig *rest.Config, secret *corev1.Secret, ...) error
func InstallNewCertificates(ctx context.Context, k8sConfig *rest.Config, ...) (*corev1.Secret, error)
func ValidateTLSSecret(tlsSecret *corev1.Secret, certGracePeriod time.Duration) error
func WriteServerTLSToFileSystem(ctx context.Context, certPath, keyPath string, secret *corev1.Secret) error
type WebhookTLS

Constants ¶

View Source

const (
	RequireMinGracePeriod = time.Hour * 24
)

Variables ¶

This section is empty.

Functions ¶

func InstallCertificates ¶

func InstallCertificates(ctx context.Context, k8sConfig *rest.Config, secret *corev1.Secret, certPath, keyPath, labelSelector string) error

InstallCertificates saves server certificate and key in provided secret to the filesystem paths provided. Adds the CA certificate to webhook configuration matching label selector.

func InstallNewCertificates ¶

func InstallNewCertificates(ctx context.Context, k8sConfig *rest.Config, certPath, keyPath, secretName, namespace, serviceName, labelSelector string) (*corev1.Secret, error)

InstallNewCertificates creates a new set of keys and certificates and saves them to the filesystem paths provided. Adds the CA certificate to webhook configurations matching label selector. Returns a secret containing the server key, sever certificate and CA certificate.

func ValidateTLSSecret ¶

func ValidateTLSSecret(tlsSecret *corev1.Secret, certGracePeriod time.Duration) error

ValidateTLSSecret checks secret has all required keys and certificates. Checks certificate lifetime is valid.

func WriteServerTLSToFileSystem ¶

func WriteServerTLSToFileSystem(ctx context.Context, certPath, keyPath string, secret *corev1.Secret) error

WriteServerTLSToFileSystem writes servers certificate and key in provided secret to the filesystem paths provided.

Types ¶

type WebhookTLS ¶

type WebhookTLS struct {
	Ctx           context.Context
	K8sConfig     *rest.Config
	CertPath      string
	KeyPath       string
	Name          string
	ServiceName   string
	LabelSelector string
	Logger        logr.Logger

	Namespace    string
	RotationTime time.Duration
	// contains filtered or unexported fields
}

func (*WebhookTLS) CACert ¶

func (w *WebhookTLS) CACert() []byte

func (*WebhookTLS) ManageCertificates ¶

func (w *WebhookTLS) ManageCertificates(frequency time.Duration) error

func (*WebhookTLS) ServerCert ¶

func (w *WebhookTLS) ServerCert() []byte

func (*WebhookTLS) ServerKey ¶

func (w *WebhookTLS) ServerKey() []byte

func (*WebhookTLS) UpdateOrCreate ¶

func (w *WebhookTLS) UpdateOrCreate() error

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL