mirror of
https://github.com/ceph/ceph-csi.git
synced 2025-06-14 18:53:35 +00:00
rebase: bump k8s.io/kubernetes in the k8s-dependencies group
Bumps the k8s-dependencies group with 1 update: [k8s.io/kubernetes](https://github.com/kubernetes/kubernetes). Updates `k8s.io/kubernetes` from 1.32.3 to 1.33.0 - [Release notes](https://github.com/kubernetes/kubernetes/releases) - [Commits](https://github.com/kubernetes/kubernetes/compare/v1.32.3...v1.33.0) --- updated-dependencies: - dependency-name: k8s.io/kubernetes dependency-version: 1.33.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: k8s-dependencies ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Niels de Vos <ndevos@ibm.com>
This commit is contained in:
committed by
mergify[bot]
parent
4147d5d15a
commit
51895f8619
48
vendor/k8s.io/client-go/util/cert/cert.go
generated
vendored
48
vendor/k8s.io/client-go/util/cert/cert.go
generated
vendored
@ -90,11 +90,37 @@ func NewSelfSignedCACert(cfg Config, key crypto.Signer) (*x509.Certificate, erro
|
||||
return x509.ParseCertificate(certDERBytes)
|
||||
}
|
||||
|
||||
// SelfSignedCertKeyOptions contains configuration parameters for generating self-signed certificates.
|
||||
type SelfSignedCertKeyOptions struct {
|
||||
// Host is required, and identifies the host of the serving certificate. Can be a DNS name or IP address.
|
||||
Host string
|
||||
// AlternateIPs is optional, and identifies additional IPs the serving certificate should be valid for.
|
||||
AlternateIPs []net.IP
|
||||
// AlternateDNS is optional, and identifies additional DNS names the serving certificate should be valid for.
|
||||
AlternateDNS []string
|
||||
|
||||
// MaxAge controls the duration of the issued certificate.
|
||||
// Defaults to 1 year if unset.
|
||||
// Ignored if FixtureDirectory is set.
|
||||
MaxAge time.Duration
|
||||
|
||||
// FixtureDirectory is intended for use in tests.
|
||||
// If non-empty, it is a directory path which can contain pre-generated certs. The format is:
|
||||
// <host>_<ip>-<ip>_<alternateDNS>-<alternateDNS>.crt
|
||||
// <host>_<ip>-<ip>_<alternateDNS>-<alternateDNS>.key
|
||||
// Certs/keys not existing in that directory are created with a duration of 100 years.
|
||||
FixtureDirectory string
|
||||
}
|
||||
|
||||
// GenerateSelfSignedCertKey creates a self-signed certificate and key for the given host.
|
||||
// Host may be an IP or a DNS name
|
||||
// You may also specify additional subject alt names (either ip or dns names) for the certificate.
|
||||
func GenerateSelfSignedCertKey(host string, alternateIPs []net.IP, alternateDNS []string) ([]byte, []byte, error) {
|
||||
return GenerateSelfSignedCertKeyWithFixtures(host, alternateIPs, alternateDNS, "")
|
||||
return GenerateSelfSignedCertKeyWithOptions(SelfSignedCertKeyOptions{
|
||||
Host: host,
|
||||
AlternateIPs: alternateIPs,
|
||||
AlternateDNS: alternateDNS,
|
||||
})
|
||||
}
|
||||
|
||||
// GenerateSelfSignedCertKeyWithFixtures creates a self-signed certificate and key for the given host.
|
||||
@ -106,8 +132,26 @@ func GenerateSelfSignedCertKey(host string, alternateIPs []net.IP, alternateDNS
|
||||
// <host>_<ip>-<ip>_<alternateDNS>-<alternateDNS>.key
|
||||
// Certs/keys not existing in that directory are created.
|
||||
func GenerateSelfSignedCertKeyWithFixtures(host string, alternateIPs []net.IP, alternateDNS []string, fixtureDirectory string) ([]byte, []byte, error) {
|
||||
return GenerateSelfSignedCertKeyWithOptions(SelfSignedCertKeyOptions{
|
||||
Host: host,
|
||||
AlternateIPs: alternateIPs,
|
||||
AlternateDNS: alternateDNS,
|
||||
FixtureDirectory: fixtureDirectory,
|
||||
})
|
||||
}
|
||||
|
||||
// GenerateSelfSignedCertKeyWithOptions generates a self-signed certificate and key based on the provided options.
|
||||
func GenerateSelfSignedCertKeyWithOptions(opts SelfSignedCertKeyOptions) ([]byte, []byte, error) {
|
||||
host := opts.Host
|
||||
alternateIPs := opts.AlternateIPs
|
||||
alternateDNS := opts.AlternateDNS
|
||||
fixtureDirectory := opts.FixtureDirectory
|
||||
maxAge := opts.MaxAge
|
||||
if maxAge == 0 {
|
||||
maxAge = 365 * 24 * time.Hour
|
||||
}
|
||||
|
||||
validFrom := time.Now().Add(-time.Hour) // valid an hour earlier to avoid flakes due to clock skew
|
||||
maxAge := time.Hour * 24 * 365 // one year self-signed certs
|
||||
|
||||
baseName := fmt.Sprintf("%s_%s_%s", host, strings.Join(ipsToStrings(alternateIPs), "-"), strings.Join(alternateDNS, "-"))
|
||||
certFixturePath := filepath.Join(fixtureDirectory, baseName+".crt")
|
||||
|
Reference in New Issue
Block a user