Documentation
¶
Overview ¶
Package certificates contains logic for watching and synchronizing CertificateSigningRequests.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func IsCertificateRequestApproved ¶
func IsCertificateRequestApproved(csr *certificates.CertificateSigningRequest) bool
IsCertificateRequestApproved returns true if a certificate request has the "Approved" condition and no "Denied" conditions; false otherwise.
Types ¶
type AutoApprover ¶ added in v1.6.0
type AutoApprover interface {
AutoApprove(csr *certificates.CertificateSigningRequest) (*certificates.CertificateSigningRequest, error)
}
func NewGroupApprover ¶ added in v1.6.0
func NewGroupApprover(approveAllKubeletCSRsForGroup string) AutoApprover
NewGroupApprover creates an approver that accepts any CSR requests where the subject group contains approveAllKubeletCSRsForGroup.
type CFSSLSigner ¶ added in v1.6.0
type CFSSLSigner struct {
// contains filtered or unexported fields
}
func NewCFSSLSigner ¶ added in v1.6.0
func NewCFSSLSigner(caFile, caKeyFile string) (*CFSSLSigner, error)
type CertificateController ¶
type CertificateController struct {
// contains filtered or unexported fields
}
func NewCertificateController ¶
func NewCertificateController(kubeClient clientset.Interface, csrInformer certificatesinformers.CertificateSigningRequestInformer, signer Signer, approver AutoApprover) (*CertificateController, error)
Source Files
Click to show internal directories.
Click to hide internal directories.