Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 9 of 9 for newCSR (0.16 sec)

  2. github.com/kubernetes/kubernetes

    pkg/apis/certificates/v1beta1/defaults_test.go 

    		"defaults for kubelet-serving": {
			req:    newCSR(kubeletServerPEMOptions),
			usages: kubeletServerUsages,
			exp:    true,
		},
		"defaults without key encipherment for kubelet-serving": {
			req:    newCSR(kubeletServerPEMOptions),
			usages: kubeletServerUsagesNoRSA,
			exp:    true,
		},
		"does not default to kube-apiserver-client-kubelet if org is not 'system:nodes'": {
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Tue Dec 27 08:04:25 UTC 2022
    - 16.9K bytes
    - Viewed (0)
  3. github.com/kubernetes/kubernetes

    pkg/registry/certificates/certificates/strategy.go 

    	newCSR := obj.(*certificates.CertificateSigningRequest)
	oldCSR := old.(*certificates.CertificateSigningRequest)

	populateConditionTimestamps(newCSR, oldCSR)
	newConditions := newCSR.Status.Conditions

	// Updating the approval should only update the conditions.
	newCSR.Spec = oldCSR.Spec
	newCSR.Status = oldCSR.Status
	newCSR.Status.Conditions = newConditions
}
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Fri Mar 18 21:41:43 UTC 2022
    - 11.4K bytes
    - Viewed (0)
  4. github.com/kubernetes/kubernetes

    pkg/apis/certificates/validation/validation.go 

    }

func ValidateCertificateSigningRequestUpdate(newCSR, oldCSR *certificates.CertificateSigningRequest) field.ErrorList {
	opts := getValidationOptions(newCSR, oldCSR)
	return validateCertificateSigningRequestUpdate(newCSR, oldCSR, opts)
}

func ValidateCertificateSigningRequestStatusUpdate(newCSR, oldCSR *certificates.CertificateSigningRequest) field.ErrorList {
	opts := getValidationOptions(newCSR, oldCSR)
	opts.allowSettingCertificate = true
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Fri Nov 03 18:40:49 UTC 2023
    - 20.1K bytes
    - Viewed (0)
  5. github.com/kubernetes/kubernetes

    pkg/apis/certificates/validation/validation_test.go 

    		Usages:     validUsages,
		Request:    newCSRPEM(t),
		SignerName: "example.com/something",
	}

	tests := []struct {
		name   string
		newCSR *capi.CertificateSigningRequest
		oldCSR *capi.CertificateSigningRequest
		errs   []string
	}{{
		name:   "no-op",
		newCSR: &capi.CertificateSigningRequest{ObjectMeta: validUpdateMeta, Spec: validSpec},
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Fri Nov 03 18:40:49 UTC 2023
    - 61K bytes
    - Viewed (0)
  6. github.com/kubernetes/kubernetes

    pkg/registry/certificates/certificates/storage/metrics.go 

    				return
			}

			if oldCSR.Spec.ExpirationSeconds == nil {
				return // ignore CSRs that are not using the CSR duration feature
			}

			newCSR, ok := obj.(*certificates.CertificateSigningRequest)
			if !ok {
				return
			}
			issuedCert := newCSR.Status.Certificate

			// new CSR has no issued certificate yet so do not count it.
			// note that this means that we will ignore CSRs that set a duration
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Fri Mar 18 21:41:43 UTC 2022
    - 4.9K bytes
    - Viewed (0)
  7. github.com/kubernetes/kubernetes

    cmd/kubeadm/app/util/pkiutil/pki_helpers.go 

    	}

	csr, err := parseCSRPEM(pemBlock)
	if err != nil {
		return nil, errors.Wrapf(err, "error reading certificate request file %s", file)
	}
	return csr, nil
}

// NewCSR creates a new CSR
func NewCSR(cfg CertConfig, key crypto.Signer) (*x509.CertificateRequest, error) {
	RemoveDuplicateAltNames(&cfg.AltNames)

	template := &x509.CertificateRequest{
		Subject: pkix.Name{
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed May 01 16:01:49 UTC 2024
    - 25.5K bytes
    - Viewed (0)
  8. github.com/kubernetes/kubernetes

    cmd/kubeadm/app/phases/certs/certs.go 

    	if err != nil {
		return err
	}

	return writeCertificateAuthorityFilesIfNotExist(
		cfg.CertificatesDir,
		certSpec.BaseName,
		caCert,
		caKey,
	)
}

// NewCSR will generate a new CSR and accompanying key
func NewCSR(certSpec *KubeadmCert, cfg *kubeadmapi.InitConfiguration) (*x509.CertificateRequest, crypto.Signer, error) {
	certConfig, err := certSpec.GetConfig(cfg)
	if err != nil {
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Tue Dec 05 10:17:14 UTC 2023
    - 19.4K bytes
    - Viewed (0)
  9. github.com/kubernetes/kubernetes

    cmd/kubeadm/app/phases/certs/certs_test.go 

    	cfg := testutil.GetDefaultInternalConfig(t)

	certConfig, err := kubeadmCert.GetConfig(cfg)
	if err != nil {
		t.Fatalf("couldn't get cert config: %v", err)
	}

	csr, _, err := NewCSR(kubeadmCert, cfg)

	if err != nil {
		t.Errorf("invalid signature on CSR: %v", err)
	}

	assert.ElementsMatch(t, certConfig.Organization, csr.Subject.Organization, "organizations not equal")
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed Jan 31 21:49:21 UTC 2024
    - 23.3K bytes
    - Viewed (0)
  10. github.com/kubernetes/kubernetes

    cmd/kubeadm/app/phases/kubeconfig/kubeconfig.go 

    	clientCertConfig := newClientCertConfigFromKubeConfigSpec(spec)

	clientKey, err := pkiutil.NewPrivateKey(clientCertConfig.EncryptionAlgorithm)
	if err != nil {
		return err
	}
	clientCSR, err := pkiutil.NewCSR(clientCertConfig, clientKey)
	if err != nil {
		return err
	}

	encodedClientKey, err := keyutil.MarshalPrivateKeyToPEM(clientKey)
	if err != nil {
		return err
	}

	var (
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Fri Jun 07 17:04:18 UTC 2024
    - 27K bytes
    - Viewed (0)
Back to top