option

package
v0.4.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 14, 2026 License: Apache-2.0 Imports: 2 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// Debug enables debug messages.
	Debug = "debug"

	// K8sKubeConfigPath is the path to the kubeconfig If empty, the in-cluster
	// configuration is used.
	K8sKubeConfigPath = "k8s-kubeconfig-path"
	// K8sRequestTimeout specifies the timeout for K8s API requests.
	K8sRequestTimeout = "k8s-request-timeout"

	// CACertFile is the path to the CA cert PEM (if CAGenerate is false).
	CACertFile = "ca-cert-file"
	// CAKeyFile is the path to the CA key PEM (if CAGenerate is false).
	CAKeyFile = "ca-key-file"

	// CAGenerate can be set to true to generate a new CA secret.
	// If CAReuseSecret is true, then a new CA secret is only created if an
	// existing one is not found.
	CAGenerate = "ca-generate"
	// CAReuseSecret can be set to true to store and load the CA from
	// the secret if it exists. Setting to false will delete the old Secret and
	// force regeneration.
	CAReuseSecret = "ca-reuse-secret" //#nosec
	// CACommonName is the CA x509 certificate CN value.
	CACommonName = "ca-common-name"
	// CAValidityDuration represent how much time the CA certificate
	// generated by certgen is valid.
	CAValidityDuration = "ca-validity-duration"
	// CASecretName is the Kubernetes Secret in which the CA certificate
	// is read from and/or written to.
	CASecretName = "ca-secret-name"
	// CASecretNamespace is the Kubernetes Namespace in which the CA
	// Secret will be stored.
	CASecretNamespace = "ca-secret-namespace"
	// CAConfigMapName is the Kubernetes ConfigMap in which the CA certificate
	// is written to.
	CAConfigMapName = "ca-configmap-name"
	// CAConfigMapNamespace is the Kubernetes Namespace in which the CA
	// ConfigMap will be stored.
	CAConfigMapNamespace = "ca-configmap-namespace"
	// CAEnforceValidityThroughoutLeavesDuration controls whether certgen strictly
	// enforces that the CA certificates remain valid throughput the entire duration
	// of the leaf certificates to be generated.
	CAEnforceValidityThroughoutLeavesDuration = "ca-enforce-validity-throughout-leaves-duration"

	// CertsConfig is the configuration describing the certificates to generate.
	// It takes precedence over config-file if both are specified.
	CertsConfig = "config"

	// CertsConfigFile is the file containing the configuration describing the
	// certificates to generate.
	CertsConfigFile = "config-file"
)

Variables

View Source 
var Config = &CertGenConfig{}

Config is the main configuration as obtained from command-line arguments, environment variables and config files.

Functions

This section is empty.

Types

type CertGenConfig 

type CertGenConfig struct {
	// Debug enables debug messages.
	Debug bool

	// K8sKubeConfigPath is the path to the kubeconfig If empty, the in-cluster
	// configuration is used.
	K8sKubeConfigPath string
	// K8sRequestTimeout specifies the timeout for K8s API requests
	K8sRequestTimeout time.Duration

	// CACertFile is the path to the CA cert PEM (if CAGenerate is false).
	CACertFile string
	// CAKeyFile is the path to the CA key PEM (if CAGenerate is false).
	CAKeyFile string

	// CAGenerate can be set to true to generate a new CA secret.  If
	// CAReuseSecret is true, then a new CA secret only is created if existing
	// one is not found.
	CAGenerate bool
	// CAReuseSecret can be set to true to store and load the CA from
	// the secret if it exists. Setting to false will delete the old Secret and
	// force regeneration.
	CAReuseSecret bool
	// CACommonName is the CA x509 certificate CN value.
	CACommonName string
	// CAValidityDuration represent how much time the CA certificate
	// generated by certgen is valid.
	CAValidityDuration time.Duration
	// CASecretName is the Kubernetes Secret in which the CA certificate
	// is read from and/or written to.
	CASecretName string
	// CASecretNamespace is the Kubernetes Namespace in which the CA
	// Secret will be stored.
	CASecretNamespace string
	// CAConfigMapName is the Kubernetes ConfigMap in which the CA certificate
	// is written to.
	CAConfigMapName string
	// CAConfigMapNamespace is the Kubernetes Namespace in which the CA ConfigMap
	// will be stored.
	CAConfigMapNamespace string
	// CAEnforceValidityThroughoutLeavesDuration controls whether certgen strictly
	// enforces that the CA certificates remain valid throughput the entire duration
	// of the leaf certificates to be generated.
	CAEnforceValidityThroughoutLeavesDuration bool

	// CertsConfig is the yaml configuration describing the certificates to
	// generate. It takes precedence over config-file if both are specified.
	CertsConfig string
	// CertsConfigFile is the file containing the yaml configuration describing
	// the certificates to generate.
	CertsConfigFile string
}

CertGenConfig contains the main configuration options.

func (*CertGenConfig) PopulateFrom 

func (c *CertGenConfig) PopulateFrom(vp *viper.Viper)

PopulateFrom populates the config struct with the values provided by vp.

type CertificateConfig added in v0.2.0 

type CertificateConfig struct {
	Name       string        `yaml:"name"`
	Namespace  string        `yaml:"namespace"`
	CommonName string        `yaml:"commonName"`
	Hosts      []string      `yaml:"hosts"`
	Usage      []string      `yaml:"usage"`
	Validity   time.Duration `yaml:"validity"`
}

CertificateConfig contains the configuration of a certificate.

type CertificateConfigs added in v0.2.0 

type CertificateConfigs struct {
	Certs []CertificateConfig `yaml:"certs"`
}

CertificateConfigs contains configuration of individual certificates.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.