Affected by 
Documentation
¶
Index ¶
- Constants
- func GetCurrentInternalCerts() (cacert []byte, cert []byte, key []byte, err error)
- func InitializeInternalSecretController(ctx context.Context, reloadFuncs []func([]byte, []byte, []byte) error) (capable bool, err error)
- func ReloadCert(cacert []byte, cert []byte, key []byte) error
- type InternalSecretController
Constants ¶
View Source
const ( TARGET_SECRET_SOURCE_NAME_CACERT = "target-cacert" TARGET_SECRET_SOURCE_NAME_CERT = "target-cert" TARGET_SECRET_SOURCE_NAME_KEY = "target-key" CACERT_FILENAME = "ca.crt" CERT_FILENAME = "tls.crt" KEY_FILENAME = "tls.key" NEW_SECRET_PREFIX = "new-" DEST_SECRET_PREFIX = "dest-" ACTIVE_SECRET_PREFIX = "" )
View Source
const ( WaitSyncTimeout = time.Minute * 5 INTERNAL_SECRET_ROTATION_ANNOTATION = "internal-cert-rotation" )
Variables ¶
This section is empty.
Functions ¶
func GetCurrentInternalCerts ¶
Types ¶
type InternalSecretController ¶
type InternalSecretController struct {
// contains filtered or unexported fields
}
func NewInternalSecretController ¶
func NewInternalSecretController(informerFactory informers.SharedInformerFactory, namespace string, secretName string, reloadFuncs []func([]byte, []byte, []byte) error) (*InternalSecretController, error)
func (*InternalSecretController) IsOfInterest ¶
func (c *InternalSecretController) IsOfInterest(secret *v1.Secret) bool
func (*InternalSecretController) ReloadSecret ¶
func (c *InternalSecretController) ReloadSecret(secret *v1.Secret) (bool, error)
Reload using secret retrieved from k8s API server. The secret is created by helm and events will be received following this order: 1. The initial add. It might have certs filled depending on timing, but no guarantee. 2. The following update. This should have certs all the time.
func (*InternalSecretController) Run ¶
func (c *InternalSecretController) Run(stopCh <-chan struct{}) error
Source Files
Click to show internal directories.
Click to hide internal directories.