Overview ¶
Package certificate provides certificate generation and management functionality for the CloudZero Agent, including TLS certificate creation and Kubernetes webhook configuration management.
Index ¶
- Constants
- type CertificateData
- type CertificateService
- func (s *CertificateService) GenerateCertificate(ctx context.Context, serviceName, namespace string, keySize int, ...) (*CertificateData, error)
- func (s *CertificateService) UpdateResources(ctx context.Context, namespace, secretName, webhookName string, ...) error
- func (s *CertificateService) ValidateExistingCertificate(ctx context.Context, namespace, secretName string) (bool, error)
- type KubernetesClient
- type WebhookPatch
Constants ¶
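// ECDSA key size constants exported by the package.
//
// 521 is not a typo for 512: the NIST P-521 curve is defined over a 521-bit
// prime field.
//
// NOTE(review): presumably these are bit sizes accepted as the keySize
// argument of GenerateCertificate when the algorithm is ECDSA, selecting
// P-256, P-384 and P-521 respectively — confirm against the implementation.
const (
	// ECDSA key size constants
	ECDSAKeySize256 = 256
	ECDSAKeySize384 = 384
	ECDSAKeySize521 = 521
)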
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CertificateData ¶
// CertificateData represents the generated certificate information: a CA
// bundle, a TLS certificate and a TLS key, each held as a string.
//
// NOTE(review): TLSKey presumably holds the private key. Its json tag means
// encoding/json emits it in full whenever the struct is marshalled, so keep
// values of this type out of logs, error messages and API responses.
// NOTE(review): the encoding of the three strings (PEM text vs. base64) is
// not visible here — confirm before writing them into a Secret or a webhook
// caBundle field.
type CertificateData struct {
// CA bundle, serialized under the JSON key "caBundle".
CABundle string `json:"caBundle"`
// TLS certificate, serialized under the JSON key "tlsCrt".
TLSCrt string `json:"tlsCrt"`
// TLS key, serialized under the JSON key "tlsKey"; treat as secret material.
TLSKey string `json:"tlsKey"`
}
CertificateData represents the generated certificate information
type CertificateService ¶
// CertificateService implements the core certificate management logic.
// All of its fields are unexported, so callers cannot build a usable value
// with a struct literal and are expected to obtain one from a constructor.
type CertificateService struct {
// contains filtered or unexported fields
}
CertificateService implements the core certificate management logic
func NewCertificateService ¶
// NewCertificateService creates a new certificate service from the given
// KubernetesClient.
//
// NOTE(review): presumably the returned service performs all of its cluster
// reads and writes through k8sClient, so the client's credentials bound what
// the service can touch — confirm, and scope those credentials accordingly.
// NOTE(review): behaviour with a nil k8sClient is not visible here — confirm.
func NewCertificateService(k8sClient KubernetesClient) *CertificateService
NewCertificateService creates a new certificate service
func (*CertificateService) GenerateCertificate ¶
// GenerateCertificate generates a new certificate with the specified
// parameters and returns it as *CertificateData, or an error.
//
// Declared parameters: serviceName and namespace (strings), keySize (int),
// validityDuration (time.Duration) and algorithm (string).
//
// NOTE(review): the signature does not show which algorithm strings and key
// sizes are accepted, or whether weak or nonsensical inputs (an undersized
// key, a zero or negative validityDuration) are rejected — confirm that the
// implementation validates them rather than passing them through.
// NOTE(review): presumably serviceName and namespace become the certificate's
// DNS names; verify, because the API server checks a webhook's serving
// certificate against the service's in-cluster DNS name.
func (s *CertificateService) GenerateCertificate(ctx context.Context, serviceName, namespace string, keySize int, validityDuration time.Duration, algorithm string) (*CertificateData, error)
GenerateCertificate generates a new certificate with the specified parameters
func (*CertificateService) UpdateResources ¶
// UpdateResources updates the TLS secret and webhook configuration with new
// certificates. The secret is addressed by namespace and secretName, the
// webhook configuration by webhookName alone.
//
// NOTE(review): two separate resources are written. Whether a failure after
// the first write is rolled back or retried is not visible here; a secret and
// a webhook CA bundle that disagree would make TLS verification of the
// webhook fail — confirm the ordering and error handling.
// NOTE(review): handling of a nil certData is not visible here — confirm.
func (s *CertificateService) UpdateResources(ctx context.Context, namespace, secretName, webhookName string, certData *CertificateData) error
UpdateResources updates the TLS secret and webhook configuration with new certificates
func (*CertificateService) ValidateExistingCertificate ¶
// ValidateExistingCertificate checks if the existing certificate, looked up
// by namespace and secretName, is valid. It returns the verdict as a bool
// together with an error.
//
// NOTE(review): the criteria behind the bool are not visible here (expiry,
// remaining lifetime, key/certificate match, agreement with the webhook's CA
// bundle). Confirm them before using a true result to skip regeneration.
// NOTE(review): there is no webhookName parameter, so any comparison with the
// webhook's CA bundle would need the name from elsewhere — verify.
func (s *CertificateService) ValidateExistingCertificate(ctx context.Context, namespace, secretName string) (bool, error)
ValidateExistingCertificate checks if the existing certificate is valid
type KubernetesClient ¶
// KubernetesClient defines the interface for Kubernetes operations: reading
// and patching one TLS secret, and reading and patching one webhook
// configuration.
//
// NOTE(review): an implementation needs get/patch rights on secrets and on
// webhook configurations. Presumably these can be limited to the specific
// secret and webhook names passed in — confirm the RBAC rules shipped with
// the agent restrict by resource name rather than granting all secrets.
type KubernetesClient interface {
// GetTLSSecret retrieves a TLS secret from the specified namespace
// and returns its contents as a generic map.
// NOTE(review): the map presumably includes the private key; callers should
// not log or return it verbatim — confirm what the implementation includes.
GetTLSSecret(ctx context.Context, namespace, secretName string) (map[string]interface{}, error)
// GetWebhookCABundle retrieves the CA bundle from a webhook configuration.
// The method takes no namespace, only the configuration's name.
GetWebhookCABundle(ctx context.Context, webhookName string) (string, error)
// PatchSecret applies a patch to a secret in the specified namespace.
// patchData is an untyped map; its expected shape is not visible here.
PatchSecret(ctx context.Context, namespace, secretName string, patchData map[string]interface{}) error
// PatchWebhookConfiguration applies patches to a webhook configuration.
// NOTE(review): each WebhookPatch carries an arbitrary Op and Path, so the
// interface itself does not limit a patch to the CA bundle field; confirm
// callers only build patches for that field.
PatchWebhookConfiguration(ctx context.Context, webhookName string, patches []WebhookPatch) error
}
KubernetesClient defines the interface for Kubernetes operations
type WebhookPatch ¶
// WebhookPatch represents a patch operation for webhook configuration.
//
// NOTE(review): the op/path/value JSON keys match the shape of an RFC 6902
// JSON Patch operation; presumably a slice of these is sent as a JSON Patch
// document — confirm the patch type used by the client.
type WebhookPatch struct {
// Operation name, serialized as "op".
Op string `json:"op"`
// Target location within the webhook configuration, serialized as "path".
Path string `json:"path"`
// New value, serialized as "value"; a string, so only string-valued fields
// can be set through this type.
Value string `json:"value"`
}
WebhookPatch represents a patch operation for webhook configuration