Documentation
¶
Overview ¶
Package tlsconfig provides TLS configuration parsing and management for the API server. It supports loading configuration from environment variables or explicit values, and converts them to Go's tls.Config for use with HTTPS servers.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func FormatCipherSuites ¶
FormatCipherSuites returns a human-readable string of cipher suite names Returns "default" if the slice is empty (Go's defaults will be used)
func FormatCurvePreferences ¶
FormatCurvePreferences returns a human-readable string of curve names Returns "default" if the slice is empty (Go's defaults will be used)
func GetCipherSuiteName ¶
GetCipherSuiteName returns the name of a cipher suite given its ID Uses Go's built-in cipher suite info
func GetCurveName ¶
GetCurveName returns the name of a curve given its ID
func GetTLSVersionName ¶
GetTLSVersionName returns a human-readable name for a TLS version
func HasEnvOverrides ¶
func HasEnvOverrides() bool
HasEnvOverrides checks if any TLS configuration is set via direct environment variables. This is used to detect operator-injected configuration which should completely override ConfigMap-based configuration to avoid mixing incompatible settings.
Types ¶
type Config ¶
type Config struct {
MinTLSVersion string // e.g., "1.2", "1.3"
CipherSuites string // Comma-separated list of IANA cipher suite names or numeric IDs
CurvePreferences string // Comma-separated list of curve names (e.g., "X25519,P256")
}
Config holds TLS configuration that can be loaded from environment variables
func LoadFromEnv ¶
LoadFromEnv loads TLS configuration from environment variables This allows the configuration to be provided via ConfigMap in Kubernetes or injected by the Tekton operator on OpenShift
Source Files