Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type TLSConfigResult ¶
type TLSConfigResult struct {
// TLSConfig is a function that applies TLS settings to a tls.Config.
TLSConfig func(*tls.Config)
// TLSAdherencePolicy is the cluster-wide TLS adherence policy.
// Only populated when CLI flags are not set.
TLSAdherencePolicy configv1.TLSAdherencePolicy
// TLSProfileSpec is the cluster-wide TLS profile spec.
// Only populated when CLI flags are not set.
TLSProfileSpec configv1.TLSProfileSpec
}
TLSConfigResult holds the resolved TLS configuration along with the cluster-wide TLS profile metadata needed by the SecurityProfileWatcher.
func ResolveTLSConfig ¶
func ResolveTLSConfig(ctx context.Context, restConfig *rest.Config, tlsMinVersion string, tlsCipherSuites []string) (TLSConfigResult, error)
ResolveTLSConfig builds the TLS configuration. When CLI flags are set, they take precedence over the cluster-wide TLS profile. When not set, the profile from apiservers.config.openshift.io/cluster is fetched and applied if the adherence policy requires it.
Source Files
Click to show internal directories.
Click to hide internal directories.