ca

package
v1.11.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 31, 2024 License: Apache-2.0 Imports: 43 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrClientK8s = errors.New("k8sAPIClientError")
)

Functions

func CreateDefaultCA 

func CreateDefaultCA(conf hlfv1alpha1.FabricCAItemConf) (*x509.Certificate, *ecdsa.PrivateKey, error)

func CreateDefaultTLSCA 

func CreateDefaultTLSCA(spec hlfv1alpha1.FabricCASpec) (*x509.Certificate, *ecdsa.PrivateKey, error)

func GetDeploymentName 

func GetDeploymentName(releaseName string) string

func GetServiceName 

func GetServiceName(releaseName string) string

func Reconcile 

func Reconcile(
	req ctrl.Request,
	r *FabricCAReconciler,
	cfg *action.Configuration,
) (ctrl.Result, error)

Types

type Affiliation 

type Affiliation struct {
	Name        string   `json:"name"`
	Departments []string `json:"departments"`
}

type ConfigurationFiles 

type ConfigurationFiles struct {
	MysqlCnf string `json:"mysql.cnf"`
}

type Cors 

type Cors struct {
	Enabled bool     `json:"enabled"`
	Origins []string `json:"origins"`
}

type Database 

type Database struct {
	Type       string `json:"type"`
	Datasource string `json:"datasource"`
}

type FabricCAChart 

type FabricCAChart struct {
	PodLabels        map[string]string             `json:"podLabels"`
	PodAnnotations   map[string]string             `json:"podAnnotations"`
	Istio            Istio                         `json:"istio"`
	Traefik          Traefik                       `json:"traefik"`
	GatewayApi       GatewayApi                    `json:"gatewayApi"`
	FullNameOverride string                        `json:"fullnameOverride"`
	Image            Image                         `json:"image"`
	Service          Service                       `json:"service"`
	Persistence      Persistence                   `json:"persistence"`
	Msp              Msp                           `json:"msp"`
	Database         Database                      `json:"db"`
	Resources        corev1.ResourceRequirements   `json:"resources"`
	NodeSelector     *corev1.NodeSelector          `json:"nodeSelector,omitempty"`
	Tolerations      []corev1.Toleration           `json:"tolerations"`
	Affinity         *corev1.Affinity              `json:"affinity,omitempty"`
	Metrics          FabricCAChartMetrics          `json:"metrics"`
	Debug            bool                          `json:"debug"`
	CLRSizeLimit     int                           `json:"clrsizelimit"`
	Ca               FabricCAChartItemConf         `json:"ca"`
	TLSCA            FabricCAChartItemConf         `json:"tlsCA"`
	Cors             Cors                          `json:"cors"`
	ServiceMonitor   ServiceMonitor                `json:"serviceMonitor"`
	EnvVars          []corev1.EnvVar               `json:"envVars"`
	ImagePullSecrets []corev1.LocalObjectReference `json:"imagePullSecrets"`
}

func GetConfig 

func GetConfig(conf *hlfv1alpha1.FabricCA, client *kubernetes.Clientset, chartName string, namespace string) (*FabricCAChart, error)

type FabricCAChartBCCSP 

type FabricCAChartBCCSP struct {
	Default string               `json:"default"`
	SW      FabricCAChartBCCSPSW `json:"sw"`
}

type FabricCAChartBCCSPSW 

type FabricCAChartBCCSPSW struct {
	Hash     string `json:"hash"`
	Security string `json:"security"`
}

type FabricCAChartCFG 

type FabricCAChartCFG struct {
	Identities   FabricCAChartCFGIdentities  `json:"identities"`
	Affiliations FabricCAChartCFGAffilitions `json:"affiliations"`
}

type FabricCAChartCFGAffilitions 

type FabricCAChartCFGAffilitions struct {
	AllowRemove bool `json:"allowRemove"`
}

type FabricCAChartCFGIdentities 

type FabricCAChartCFGIdentities struct {
	AllowRemove bool `json:"allowRemove"`
}

type FabricCAChartCRL 

type FabricCAChartCRL struct {
	Expiry string `json:"expiry"`
}

type FabricCAChartCSR 

type FabricCAChartCSR struct {
	CN    string               `json:"cn"`
	Hosts []string             `json:"hosts"`
	Names []FabricCAChartNames `json:"names"`
	CA    FabricCAChartCSRCA   `json:"ca"`
}

type FabricCAChartCSRCA 

type FabricCAChartCSRCA struct {
	Expiry     string `json:"expiry"`
	PathLength int    `json:"pathlength"`
}

type FabricCAChartIdentity 

type FabricCAChartIdentity struct {
	Name        string                     `json:"name"`
	Pass        string                     `json:"pass"`
	Type        string                     `json:"type"`
	Affiliation string                     `json:"affiliation"`
	Attrs       FabricCAChartIdentityAttrs `json:"attrs"`
}

type FabricCAChartIdentityAttrs 

type FabricCAChartIdentityAttrs struct {
	RegistrarRoles string `json:"hf.Registrar.Roles"`
	DelegateRoles  string `json:"hf.Registrar.DelegateRoles"`
	Attributes     string `json:"hf.Registrar.Attributes"`
	Revoker        bool   `json:"hf.Revoker"`
	IntermediateCA bool   `json:"hf.IntermediateCA"`
	GenCRL         bool   `json:"hf.GenCRL"`
	AffiliationMgr bool   `json:"hf.AffiliationMgr"`
}

type FabricCAChartIntermediate 

type FabricCAChartIntermediate struct {
	ParentServer FabricCAChartIntermediateParentServer `json:"parentServer"`
}

type FabricCAChartIntermediateEnrollment 

type FabricCAChartIntermediateEnrollment struct {
	Hosts   string `json:"hosts"`
	Profile string `json:"profile"`
	Label   string `json:"label"`
}

type FabricCAChartIntermediateParentServer 

type FabricCAChartIntermediateParentServer struct {
	URL    string `json:"url"`
	CAName string `json:"caName"`
}

type FabricCAChartIntermediateTLS 

type FabricCAChartIntermediateTLS struct {
	CertFiles []string                           `json:"certFiles"`
	Client    FabricCAChartIntermediateTLSClient `json:"client"`
}

type FabricCAChartIntermediateTLSClient 

type FabricCAChartIntermediateTLSClient struct {
	CertFile string `json:"certFile"`
	KeyFile  string `json:"keyFile"`
}

type FabricCAChartItemConf 

type FabricCAChartItemConf struct {
	Name         string                    `json:"name"`
	CFG          FabricCAChartCFG          `json:"cfg"`
	CSR          FabricCAChartCSR          `json:"csr"`
	CRL          FabricCAChartCRL          `json:"crl"`
	Registry     FabricCAChartRegistry     `json:"registry"`
	Signing      FabricCASigning           `json:"signing"`
	Intermediate FabricCAChartIntermediate `json:"intermediate"`
	BCCSP        FabricCAChartBCCSP        `json:"bccsp"`
	Affiliations []Affiliation             `json:"affiliations"`
}

type FabricCAChartMetrics 

type FabricCAChartMetrics struct {
	Provider string                     `json:"provider"`
	Statsd   FabricCAChartMetricsStatsd `json:"statsd"`
}

type FabricCAChartMetricsStatsd 

type FabricCAChartMetricsStatsd struct {
	Network       string `json:"network"`
	Address       string `json:"address"`
	WriteInterval string `json:"writeInterval"`
	Prefix        string `json:"prefix"`
}

type FabricCAChartNames 

type FabricCAChartNames struct {
	C  string `json:"C"`
	ST string `json:"ST"`
	O  string `json:"O"`
	L  string `json:"L"`
	OU string `json:"OU"`
}

type FabricCAChartRegistry 

type FabricCAChartRegistry struct {
	MaxEnrollments int                     `json:"maxenrollments"`
	Identities     []FabricCAChartIdentity `json:"identities"`
}

type FabricCAChartSpecService 

type FabricCAChartSpecService struct {
	ServiceType string `json:"type"`
}

type FabricCAReconciler 

type FabricCAReconciler struct {
	client.Client
	ChartPath  string
	Log        logr.Logger
	Scheme     *runtime.Scheme
	Config     *rest.Config
	ClientSet  *kubernetes.Clientset
	Wait       bool
	Timeout    time.Duration
	MaxHistory int
}

FabricCAReconciler reconciles a FabricCA object

func (*FabricCAReconciler) Reconcile 

func (r *FabricCAReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)

+kubebuilder:rbac:groups=hlf.kungfusoftware.es,resources=fabriccas,verbs=get;list;watch;create;update;patch;delete +kubebuilder:rbac:groups=hlf.kungfusoftware.es,resources=fabriccas/status,verbs=get;update;patch +kubebuilder:rbac:groups=hlf.kungfusoftware.es,resources=fabriccas/finalizers,verbs=update

func (*FabricCAReconciler) SetupWithManager 

func (r *FabricCAReconciler) SetupWithManager(mgr ctrl.Manager, maxConcurrentReconciles int) error

type FabricCASigning added in v1.8.0 

type FabricCASigning struct {
	Default  FabricCASigningDefault  `json:"default"`
	Profiles FabricCASigningProfiles `json:"profiles"`
}

type FabricCASigningDefault added in v1.8.0 

type FabricCASigningDefault struct {
	// +kubebuilder:default:="8760h"
	Expiry string `json:"expiry"`
	// +kubebuilder:default:={"digital signature"}
	Usage []string `json:"usage"`
}

type FabricCASigningProfiles added in v1.8.0 

type FabricCASigningProfiles struct {
	CA  FabricCASigningSignProfile `json:"ca"`
	TLS FabricCASigningTLSProfile  `json:"tls"`
}

type FabricCASigningSignProfile added in v1.8.0 

type FabricCASigningSignProfile struct {
	// +kubebuilder:default:={"cert sign","crl sign"}
	Usage []string `json:"usage"`
	// +kubebuilder:default:="43800h"
	Expiry       string                               `json:"expiry"`
	CAConstraint FabricCASigningSignProfileConstraint `json:"caconstraint"`
}

type FabricCASigningSignProfileConstraint added in v1.8.0 

type FabricCASigningSignProfileConstraint struct {
	// +kubebuilder:default:=true
	IsCA bool `json:"isCA"`
	// +kubebuilder:default:=0
	MaxPathLen int `json:"maxPathLen"`
}

type FabricCASigningTLSProfile added in v1.8.0 

type FabricCASigningTLSProfile struct {
	// +kubebuilder:default:={"signing","key encipherment", "server auth", "client auth", "key agreement"}
	Usage []string `json:"usage"`
	// +kubebuilder:default:="8760h"
	Expiry string `json:"expiry"`
}

type GatewayApi added in v1.9.0 

type GatewayApi struct {
	Port             int      `json:"port"`
	Hosts            []string `json:"hosts"`
	GatewayName      string   `json:"gatewayName"`
	GatewayNamespace string   `json:"gatewayNamespace"`
}

type Image 

type Image struct {
	Repository string `json:"repository"`
	Tag        string `json:"tag"`
	PullPolicy string `json:"pullPolicy"`
}

type Ingress 

type Ingress struct {
	Enabled     bool              `json:"enabled"`
	Annotations map[string]string `json:"annotations"`
	Path        string            `json:"path"`
	Hosts       []string          `json:"hosts"`
	TLS         []interface{}     `json:"tls"`
}

type Istio added in v1.1.0 

type Istio struct {
	Port  int      `json:"port"`
	Hosts []string `json:"hosts"`
}

type Msp 

type Msp struct {
	CARef    *SecretRef `json:"caRef"`
	TLSCARef *SecretRef `json:"tlsCARef"`

	Keyfile        string `json:"keyfile"`
	Certfile       string `json:"certfile"`
	Chainfile      string `json:"chainfile"`
	TLSCAKeyfile   string `json:"tlsCAKeyFile"`
	TLSCACertfile  string `json:"tlsCACertFile"`
	TLSCAChainfile string `json:"tlsCAChainfile"`
	TlsKeyFile     string `json:"tlsKeyFile"`
	TlsCertFile    string `json:"tlsCertFile"`
}

type Mysql 

type Mysql struct {
	Enabled            bool               `json:"enabled"`
	Image              string             `json:"image"`
	ImageTag           string             `json:"imageTag"`
	MysqlDatabase      string             `json:"mysqlDatabase"`
	MysqlUser          string             `json:"mysqlUser"`
	ConfigurationFiles ConfigurationFiles `json:"configurationFiles"`
}

type Names 

type Names struct {
	C  string      `json:"c"`
	St string      `json:"st"`
	L  interface{} `json:"l"`
	O  string      `json:"o"`
	Ou string      `json:"ou"`
}

type Persistence 

type Persistence struct {
	Enabled      bool              `json:"enabled"`
	Annotations  map[string]string `json:"annotations"`
	StorageClass string            `json:"storageClass"`
	AccessMode   string            `json:"accessMode"`
	Size         string            `json:"size"`
}

type SecretRef added in v1.10.0 

type SecretRef struct {
	SecretName string `json:"secretName"`
}

type Service 

type Service struct {
	Type string `json:"type"`
	Port int    `json:"port"`
}

type ServiceMonitor added in v1.2.1 

type ServiceMonitor struct {
	Enabled           bool              `json:"enabled"`
	Labels            map[string]string `json:"labels"`
	Interval          string            `json:"interval"`
	ScrapeTimeout     string            `json:"scrapeTimeout"`
	Scheme            string            `json:"scheme"`
	Relabelings       []interface{}     `json:"relabelings"`
	TargetLabels      []interface{}     `json:"targetLabels"`
	MetricRelabelings []interface{}     `json:"metricRelabelings"`
	SampleLimit       int               `json:"sampleLimit"`
}

type Status 

type Status struct {
	Status    hlfv1alpha1.DeploymentStatus
	TlsCert   string
	CACert    string
	TLSCACert string
	NodeURL   string
	NodePort  int
	NodeHost  string
}

func GetCAState 

func GetCAState(clientSet *kubernetes.Clientset, ca *hlfv1alpha1.FabricCA, releaseName string, ns string) (*Status, error)

type Traefik added in v1.10.0 

type Traefik struct {
	Entrypoints []string            `json:"entryPoints"`
	Middlewares []TraefikMiddleware `json:"middlewares"`
	Hosts       []string            `json:"hosts"`
}

type TraefikMiddleware added in v1.10.0 

type TraefikMiddleware struct {
	Name      string `json:"name"`
	Namespace string `json:"namespace"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.