package certs
import "sigs.k8s.io/controller-runtime/pkg/internal/testing/certs"
Index ¶
- type CertPair
- func (k CertPair) AsBytes() (cert []byte, key []byte, err error)
- func (k CertPair) CertBytes() []byte
- type ClientInfo
- type TinyCA
Types ¶
type CertPair ¶
type CertPair struct {
Key crypto.Signer
Cert *x509.Certificate
}
CertPair is a private key and certificate for use for client auth, as a CA, or serving.
func (CertPair) AsBytes ¶
AsBytes encodes keypair in the appropriate formats for on-disk storage (PEM and PKCS8, respectively).
func (CertPair) CertBytes ¶
CertBytes returns the PEM-encoded version of the certificate for this pair.
type ClientInfo ¶
type ClientInfo struct {
// Name is the user name (embedded as the cert's CommonName)
Name string
// Groups are the groups to which this user belongs (embedded as the cert's
// Organization)
Groups []string
}
ClientInfo describes some Kubernetes user for the purposes of creating client certificates.
type TinyCA ¶
type TinyCA struct {
CA CertPair
// contains filtered or unexported fields
}
TinyCA supports signing serving certs and client-certs, and can be used as an auth mechanism with envtest.
func NewTinyCA ¶
NewTinyCA creates a new a tiny CA utility for provisioning serving certs and client certs FOR TESTING ONLY. Don't use this for anything else!
func (*TinyCA) NewClientCert ¶
func (c *TinyCA) NewClientCert(user ClientInfo) (CertPair, error)
NewClientCert produces a new CertPair suitable for use with Kubernetes client cert auth with an API server validating based on this CA.
func (*TinyCA) NewServingCert ¶
NewServingCert returns a new CertPair for a serving HTTPS on localhost (or other specified names).
Source Files ¶
tinyca.go
- Version
- v0.20.4 (latest)
- Published
- Mar 24, 2025
- Platform
- linux/amd64
- Imports
- 12 packages
- Last checked
- 2 days ago –
Tools for package owners.