certs

package

v2.3.1 Latest Latest Go to latest Published: May 25, 2026 License: Apache-2.0 Imports: 15 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/crossplane/cli

Links

Open Source Insights

Documentation ¶

Overview ¶

Package certs generates certificates for the local dev registry.

Index ¶

Constants
type CertGenerator
- func NewCertGenerator() *CertGenerator
- func (*CertGenerator) Generate(cert *x509.Certificate, signer *CertificateSigner) (key []byte, crt []byte, err error)
type CertificateGenerator
type CertificateSigner
type TLSCertificateGenerator
- func NewTLSCertificateGenerator(ns, caSecret string, opts ...TLSCertificateGeneratorOption) *TLSCertificateGenerator
- func (e *TLSCertificateGenerator) Run(ctx context.Context, kube client.Client) error
type TLSCertificateGeneratorOption
- func TLSCertificateGeneratorWithLogger(log logging.Logger) TLSCertificateGeneratorOption
- func TLSCertificateGeneratorWithServerSecretName(s string, dnsNames []string) TLSCertificateGeneratorOption

Constants ¶

View Source

const (
	// RootCACertSecretName is the name of the secret that will store CA
	// certificates. The rest of the certificates created per entity will be
	// signed by this CA.
	RootCACertSecretName = "crossplane-ca"

	// SecretKeyCACert is the secret key of CA certificate.
	SecretKeyCACert = "ca.crt"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type CertGenerator ¶

type CertGenerator struct{}

CertGenerator generates a root CA and key that can be used by client and servers.

func NewCertGenerator ¶

func NewCertGenerator() *CertGenerator

NewCertGenerator returns a new CertGenerator.

func (*CertGenerator) Generate ¶

func (*CertGenerator) Generate(cert *x509.Certificate, signer *CertificateSigner) (key []byte, crt []byte, err error)

Generate creates TLS Secret with 10 years expiration date that is valid for the given domains.

type CertificateGenerator ¶

type CertificateGenerator interface {
	Generate(c *x509.Certificate, cs *CertificateSigner) (key, crt []byte, err error)
}

CertificateGenerator can return you TLS certificate valid for given domains.

type CertificateSigner ¶

type CertificateSigner struct {
	// contains filtered or unexported fields
}

CertificateSigner is the parent's certificate and key that will be used to sign the certificate.

type TLSCertificateGenerator ¶

type TLSCertificateGenerator struct {
	// contains filtered or unexported fields
}

TLSCertificateGenerator generates TLS certificate bundles and stores them in k8s secrets.

func NewTLSCertificateGenerator ¶

func NewTLSCertificateGenerator(ns, caSecret string, opts ...TLSCertificateGeneratorOption) *TLSCertificateGenerator

NewTLSCertificateGenerator returns a new TLSCertificateGenerator.

func (*TLSCertificateGenerator) Run ¶

func (e *TLSCertificateGenerator) Run(ctx context.Context, kube client.Client) error

Run generates the TLS certificate bundle and stores it in k8s secrets.

type TLSCertificateGeneratorOption ¶

type TLSCertificateGeneratorOption func(*TLSCertificateGenerator)

TLSCertificateGeneratorOption configures TLSCertificateGenerator behavior.

func TLSCertificateGeneratorWithLogger ¶

func TLSCertificateGeneratorWithLogger(log logging.Logger) TLSCertificateGeneratorOption

TLSCertificateGeneratorWithLogger configures the logger.

func TLSCertificateGeneratorWithServerSecretName ¶

func TLSCertificateGeneratorWithServerSecretName(s string, dnsNames []string) TLSCertificateGeneratorOption

TLSCertificateGeneratorWithServerSecretName sets the server secret name and DNS names.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL