certificatemanager

package

v1.26.3 Latest Latest Go to latest Published: Jul 4, 2022 License: Apache-2.0 Imports: 21 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/tigera/operator

Links

Open Source Insights

Documentation ¶

Index ¶

func ErrInvalidCertDNSNames(secretName, secretNamespace string) error
func HasExpectedDNSNames(secretName, secretNamespace string, cert *x509.Certificate, ...) error
type CertificateManager
- func Create(cli client.Client, installation *operatorv1.InstallationSpec, ...) (CertificateManager, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ErrInvalidCertDNSNames ¶

func ErrInvalidCertDNSNames(secretName, secretNamespace string) error

func HasExpectedDNSNames ¶

func HasExpectedDNSNames(secretName, secretNamespace string, cert *x509.Certificate, expectedDNSNames []string) error

Types ¶

type CertificateManager ¶

type CertificateManager interface {
	// GetKeyPair returns an existing KeyPair. If the KeyPair is not found, nil is returned.
	GetKeyPair(cli client.Client, secretName, secretNamespace string) (certificatemanagement.KeyPairInterface, error)
	// GetOrCreateKeyPair returns a KeyPair. If one exists, some checks are performed. Otherwise, a new KeyPair is created.
	GetOrCreateKeyPair(cli client.Client, secretName, secretNamespace string, dnsNames []string) (certificatemanagement.KeyPairInterface, error)
	// GetCertificate returns a Certificate. If the certificate is not found, nil is returned.
	GetCertificate(cli client.Client, secretName, secretNamespace string) (certificatemanagement.CertificateInterface, error)
	// CreateTrustedBundle creates a TrustedBundle, which provides standardized methods for mounting a bundle of certificates to trust.
	CreateTrustedBundle(certificates ...certificatemanagement.CertificateInterface) certificatemanagement.TrustedBundle
	// AddToStatusManager lets the status manager monitor pending CSRs if the certificate management is enabled.
	AddToStatusManager(manager status.StatusManager, namespace string)
	// KeyPair Returns the CA KeyPairInterface, so it can be rendered in the operator namespace.
	KeyPair() certificatemanagement.KeyPairInterface
}

CertificateManager can sign new certificates and has methods to retrieve existing KeyPairs and Certificates. If a user brings their own secrets, CertificateManager will preserve and return them.

func Create ¶

func Create(cli client.Client, installation *operatorv1.InstallationSpec, clusterDomain string) (CertificateManager, error)

Create creates a signer of new certificates and has methods to retrieve existing KeyPairs and Certificates. If a user brings their own secrets, CertificateManager will preserve and return them.

Source Files ¶

View all Source files

certificatemanager.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL