Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func RenderReport ¶
RenderReport writes the certificate expiration report to w in two sections: leaf certificates followed by certificate authorities.
func RunRenewAll ¶ added in v0.31.0
func RunRenewAll(w io.Writer, certsDir, kubeconfigDirOverride string, dryRun bool, extraIP net.IP) error
RunRenewAll renews every known control-plane leaf certificate and kubeconfig client certificate.
func RunRenewSingle ¶ added in v0.31.0
func RunRenewSingle(w io.Writer, path, certsDir, kubeconfigDirOverride string, dryRun, pathExplicit bool) error
RunRenewSingle renews a single artifact identified by path: it auto-detects whether path is a kubeconfig file or a PEM leaf certificate. For artifacts outside the default /etc/kubernetes layout, --path must be set explicitly.
Types ¶
type Report ¶
Report holds the result of a certificate expiration check.
func BuildFullScanReport ¶
BuildFullScanReport enumerates all known control-plane certificates and kubeconfig client certificates, returning a report split into CAs and leaf certs. certsDir is the PKI directory (e.g. /etc/kubernetes/pki). kubeconfigDir is the directory containing kubeconfig files (e.g. /etc/kubernetes). Callers that want the standard layout can pass filepath.Dir(certsDir).
func BuildSingleFileReport ¶
BuildSingleFileReport inspects a single file at path. It tries kubeconfig parsing first; if that fails it falls back to PEM certificate parsing. If both parsers fail, the combined error is returned.
Source Files
Directories