k8s.io/kubernetes@v1.29.3/pkg/controller/certificates/signer/config/types.go

k8s.io/kubernetes@v1.29.3/pkg/controller/certificates/signer/config/types.go (about)

     1  /*
     2  Copyright 2019 The Kubernetes Authors.
     3  
     4  Licensed under the Apache License, Version 2.0 (the "License");
     5  you may not use this file except in compliance with the License.
     6  You may obtain a copy of the License at
     7  
     8      http://www.apache.org/licenses/LICENSE-2.0
     9  
    10  Unless required by applicable law or agreed to in writing, software
    11  distributed under the License is distributed on an "AS IS" BASIS,
    12  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  See the License for the specific language governing permissions and
    14  limitations under the License.
    15  */
    16  
    17  package config
    18  
    19  import (
    20  	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
    21  )
    22  
    23  // CSRSigningControllerConfiguration contains elements describing CSRSigningController.
    24  type CSRSigningControllerConfiguration struct {
    25  	// clusterSigningCertFile is the filename containing a PEM-encoded
    26  	// X509 CA certificate used to issue cluster-scoped certificates
    27  	ClusterSigningCertFile string
    28  	// clusterSigningCertFile is the filename containing a PEM-encoded
    29  	// RSA or ECDSA private key used to issue cluster-scoped certificates
    30  	ClusterSigningKeyFile string
    31  
    32  	// kubeletServingSignerConfiguration holds the certificate and key used to issue certificates for the kubernetes.io/kubelet-serving signer
    33  	KubeletServingSignerConfiguration CSRSigningConfiguration
    34  	// kubeletClientSignerConfiguration holds the certificate and key used to issue certificates for the kubernetes.io/kube-apiserver-client-kubelet
    35  	KubeletClientSignerConfiguration CSRSigningConfiguration
    36  	// kubeAPIServerClientSignerConfiguration holds the certificate and key used to issue certificates for the kubernetes.io/kube-apiserver-client
    37  	KubeAPIServerClientSignerConfiguration CSRSigningConfiguration
    38  	// legacyUnknownSignerConfiguration holds the certificate and key used to issue certificates for the kubernetes.io/legacy-unknown
    39  	LegacyUnknownSignerConfiguration CSRSigningConfiguration
    40  
    41  	// clusterSigningDuration is the max length of duration signed certificates will be given.
    42  	// Individual CSRs may request shorter certs by setting spec.expirationSeconds.
    43  	ClusterSigningDuration metav1.Duration
    44  }
    45  
    46  // CSRSigningConfiguration holds information about a particular CSR signer
    47  type CSRSigningConfiguration struct {
    48  	// certFile is the filename containing a PEM-encoded
    49  	// X509 CA certificate used to issue certificates
    50  	CertFile string
    51  	// keyFile is the filename containing a PEM-encoded
    52  	// RSA or ECDSA private key used to issue certificates
    53  	KeyFile string
    54  }