estserver

package
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 3, 2026 License: Apache-2.0 Imports: 28 Imported by: 0

Documentation


Constants

// Default values for the listen address and the TLS file locations. The
// field comments on Options quote the bind address, CA path, certificate
// name and key name below as the value used when the field is empty.
const (
	// DefaultBindAddress has no host part, so a listener created from it
	// accepts connections on every interface, on port 4443.
	DefaultBindAddress = ":4443"
	// DefaultCACertPath is the path of a system-wide CA bundle.
	// NOTE(review): how the server uses this bundle is not visible here. If
	// it is the trust anchor set for verifying EST client certificates, a
	// certificate chaining to any CA in the bundle would be accepted —
	// confirm, and point Options.CACertPath at the issuing CA only.
	DefaultCACertPath  = "/etc/ssl/certs/ca-certificates.crt"
	// DefaultCertName is the file name of the TLS serving certificate.
	DefaultCertName    = "tls.crt"
	// DefaultKeyName is the file name of the TLS private key.
	DefaultKeyName     = "tls.key"
	// DefaultCertPath is a directory under /tmp.
	// NOTE(review): /tmp is normally world-writable, so a private key loaded
	// from here is only as trustworthy as whoever created the directory
	// first. The CertDir comment on Options names
	// "/etc/opt/cert-estuary/certs" instead — confirm which default the
	// server applies, and prefer a directory writable only by the server's
	// own account.
	DefaultCertPath    = "/tmp/est-server/serving-certs"
)
const (
	// RequestIDContextKey is the untyped string constant "requestID".
	// NOTE(review): presumably the key under which a request ID is stored in
	// a context.Context — confirm against the handlers. The context package
	// documentation advises against string keys because any other package
	// using the same string reads or overwrites the value (staticcheck
	// reports this as SA1029); an unexported key type avoids the collision.
	RequestIDContextKey = "requestID"
)

Variables

// Predefined ESTError values. Each one pairs an error with the HTTP status
// code from net/http that goes with it. They are exported variables, so any
// importing package can reassign them; treat them as read-only.
var (
	// UnauthorizedError carries status 401.
	UnauthorizedError = ESTError{
		Error: errors.New("UnauthorizedESTClient"),
		Code:  http.StatusUnauthorized,
	}
	// NoCertificatesFoundError carries status 500.
	NoCertificatesFoundError = ESTError{
		Error: errors.New("NoCertificatesFound"),
		Code:  http.StatusInternalServerError,
	}
	// CertificateEncodingError carries status 500.
	CertificateEncodingError = ESTError{
		Error: errors.New("CertificateEncodingError"),
		Code:  http.StatusInternalServerError,
	}
	// CreateCSRFailedError carries status 500.
	CreateCSRFailedError = ESTError{
		Error: errors.New("CreateCSRFailed"),
		Code:  http.StatusInternalServerError,
	}
	// CSRMismatchError carries status 400.
	CSRMismatchError = ESTError{
		Error: errors.New("CSRMismatch"),
		Code:  http.StatusBadRequest,
	}
	// CertificateMismatchError carries status 400.
	CertificateMismatchError = ESTError{
		Error: errors.New("CertificateMismatch"),
		Code:  http.StatusBadRequest,
	}
	// NotReadyError carries status 202 and leaves Error nil, so code that
	// handles ESTError values must check Error before calling a method on it.
	// NOTE(review): presumably this signals that the certificate has not been
	// issued yet and the client should retry — confirm against the handlers.
	NotReadyError = ESTError{
		Code: http.StatusAccepted,
	}
	// NoCertificateToRenewError carries status 400.
	NoCertificateToRenewError = ESTError{
		Error: errors.New("NoCertificateToRenew"),
		Code:  http.StatusBadRequest,
	}
)

Functions

This section is empty.

Types

type ESTError

// ESTError pairs an error with a status code. Because the struct has a field
// named Error it cannot also have an Error() method, so an ESTError value does
// not itself satisfy the error interface; callers read the two fields.
type ESTError struct {
	// Error is the underlying error. It is nil in the package's predefined
	// NotReadyError, so check it before use.
	Error error
	// Code is the status code; the package's predefined values set it from
	// net/http status constants.
	Code  int
}

type ESTServer

// ESTServer is the default implementation used for Server.
type ESTServer struct {
	// Options is exported, so it can be read or changed on an existing value.
	// NOTE(review): whether a change made after construction takes effect is
	// not visible here — confirm.
	Options Options
	// contains filtered or unexported fields
}

ESTServer is the default implementation used for Server.

func (*ESTServer) Start

// Start runs the server and reports failure through the returned error.
// NOTE(review): presumably it blocks until ctx is cancelled and then shuts the
// listener down — the body is not shown here, confirm.
func (s *ESTServer) Start(ctx context.Context) error

type Options

// Options configures the server created by NewServer: the Kubernetes client
// and scheme, the listen address, the TLS file locations, and hooks for
// adjusting the TLS configuration.
type Options struct {
	// Client is the client used to interact with the Kubernetes API.
	// It is used to create and manage the CertificateSigningRequest (CSR) resources.
	// It is required to be set.
	// +kubebuilder:validation:Required
	Client client.Client

	// Scheme is the scheme used to decode the resources.
	// It is required to be set.
	// +kubebuilder:validation:Required
	Scheme *runtime.Scheme

	// BindAddress is the bind address for the server.
	// If empty, the default is ":4443", which has no host part and therefore
	// listens on every interface.
	BindAddress string

	// Logger is the logger used for the server.
	Logger logr.Logger

	// CertDir is the directory where the server will look for the TLS certificate and key.
	// If empty, the default is "/etc/opt/cert-estuary/certs".
	// NOTE(review): the package constant DefaultCertPath is
	// "/tmp/est-server/serving-certs", which does not match the path stated
	// above — confirm which one the server applies. A directory under /tmp is
	// normally world-writable and is a poor place for a TLS private key.
	CertDir string
	// CertName is the name of the TLS certificate file.
	// If empty, the default is "tls.crt".
	CertName string
	// KeyName is the name of the TLS key file.
	// If empty, the default is "tls.key".
	KeyName string
	// CACertPath is the path to the CA certificate file.
	// If empty, the default is "/etc/ssl/certs/ca-certificates.crt".
	// NOTE(review): what this bundle is used to verify is not visible here.
	// If it anchors client-certificate verification, leaving it at the
	// system bundle trusts every CA in that bundle — confirm.
	CACertPath string

	// TLSOpts allows configuring the TLS config used for the server.
	// This also allows providing a certificate via GetCertificate.
	// Each function receives the *tls.Config and can change any field,
	// including the minimum protocol version, cipher suites and client
	// authentication settings, so review these functions as carefully as the
	// certificate paths above.
	TLSOpts []func(*tls.Config)

	// Metrics is the metrics used for the server.
	Metrics *metrics.EstuaryMetrics
}

type PEMType

// PEMType is a string naming the kind of object in a PEM block; the values
// below are the labels that follow "BEGIN" in a PEM header line.
type PEMType string
const (
	// PEMTypeCertificate is the PEM type for a certificate.
	PEMTypeCertificate PEMType = "CERTIFICATE"
	// PEMTypeCSR is the PEM type for a Certificate Signing Request (CSR).
	// NOTE(review): some tools write the older label "NEW CERTIFICATE
	// REQUEST"; whether the server accepts it is not visible here — confirm.
	PEMTypeCSR PEMType = "CERTIFICATE REQUEST"
)

type Server

// Server is the interface returned by NewServer. ESTServer is documented as
// its default implementation.
type Server interface {
	// Start runs the server and reports failure through the returned error.
	// NOTE(review): presumably ctx cancellation is the way to stop it —
	// confirm against the implementation.
	Start(ctx context.Context) error
}

func NewServer

// NewServer returns a Server configured from o.
// NOTE(review): Options documents Client and Scheme as required, but this
// signature has no error result, so how a missing required field is reported
// (at Start, or by a panic) is not visible here — confirm before relying on it.
func NewServer(o Options) Server
