package certificates

kubernetes – k8s.io/kubernetes/pkg/controller/certificates Index | Files

package certificates

import "k8s.io/kubernetes/pkg/controller/certificates"

Package certificates contains logic for watching and synchronizing CertificateSigningRequests.

Index ¶

func IsCertificateRequestApproved(csr *certificates.CertificateSigningRequest) bool
type AutoApprover

func NewGroupApprover(approveAllKubeletCSRsForGroup string) AutoApprover

type CFSSLSigner

func NewCFSSLSigner(caFile, caKeyFile string) (*CFSSLSigner, error)
func (cs *CFSSLSigner) Sign(csr *certificates.CertificateSigningRequest) (*certificates.CertificateSigningRequest, error)

type CertificateController

func NewCertificateController(kubeClient clientset.Interface, csrInformer certificatesinformers.CertificateSigningRequestInformer, signer Signer, approver AutoApprover) (*CertificateController, error)
func (cc *CertificateController) Run(workers int, stopCh <-chan struct{})

type Signer

Functions ¶

func IsCertificateRequestApproved ¶

func IsCertificateRequestApproved(csr *certificates.CertificateSigningRequest) bool

IsCertificateRequestApproved returns true if a certificate request has the "Approved" condition and no "Denied" conditions; false otherwise.

Types ¶

type AutoApprover ¶

type AutoApprover interface {
	AutoApprove(csr *certificates.CertificateSigningRequest) (*certificates.CertificateSigningRequest, error)
}

func NewGroupApprover ¶

func NewGroupApprover(approveAllKubeletCSRsForGroup string) AutoApprover

NewGroupApprover creates an approver that accepts any CSR requests where the subject group contains approveAllKubeletCSRsForGroup.

type CFSSLSigner ¶

type CFSSLSigner struct {
	// contains filtered or unexported fields
}

func NewCFSSLSigner ¶

func NewCFSSLSigner(caFile, caKeyFile string) (*CFSSLSigner, error)

func (*CFSSLSigner) Sign ¶

func (cs *CFSSLSigner) Sign(csr *certificates.CertificateSigningRequest) (*certificates.CertificateSigningRequest, error)

type CertificateController ¶

type CertificateController struct {
	// contains filtered or unexported fields
}

func NewCertificateController ¶

func NewCertificateController(kubeClient clientset.Interface, csrInformer certificatesinformers.CertificateSigningRequestInformer, signer Signer, approver AutoApprover) (*CertificateController, error)

func (*CertificateController) Run ¶

func (cc *CertificateController) Run(workers int, stopCh <-chan struct{})

Run the main goroutine responsible for watching and syncing jobs.

type Signer ¶

type Signer interface {
	Sign(csr *certificates.CertificateSigningRequest) (*certificates.CertificateSigningRequest, error)
}

Source Files ¶

certificate_controller.go certificate_controller_utils.go cfssl_signer.go doc.go groupapprove.go

Version: v1.6.2
Published: Apr 19, 2017
Platform: js/wasm
Imports: 26 packages
Last checked: 44 seconds ago –

Tools for package owners.

?	: This menu
/	: Search site
f	: Jump to identifier
g then g	: Go to top of page
g then b	: Go to end of page
G	: Go to end of page
g then i	: Go to index
g then e	: Go to examples