53 Commits

Author SHA1 Message Date
John Gardiner Myers c051198f85 Pull pki.Keystore out of fi.KeystoreReader 2023-01-02 10:39:24 -08:00
justinsb 817c1e63b3 FindKeyset can return nil
We had missed a case in nodeup; add a Context argument to force us to
revisit the codepaths.
2022-12-24 16:12:21 -05:00
justinsb 90cbf75584 Context threading: more wiring
We're aiming to use this for testing immediately and better
logging/tracing in future, but to make the changes manageable we are breaking
them into a smaller series that don't directly achieve much.
2022-12-22 17:52:22 -05:00
Ciprian Hacman 407ee77041 Trim space around SSH public key 2022-08-24 08:32:01 +03:00
Ciprian Hacman ea7df00719 Run hack/update-gofmt.sh 2021-12-01 22:39:50 +02:00
John Gardiner Myers f4d2cb0437 Rename fields in v1alpha3 keyset API to fit acronym convention 2021-11-22 08:07:55 -08:00
John Gardiner Myers cd1aa1ab53 Simplify FindSSHPublicKeys() interface 2021-07-24 09:01:22 -07:00
John Gardiner Myers cddefc0a1f Simplify DeleteSSHCredential() interface 2021-07-24 09:01:21 -07:00
John Gardiner Myers d935a419f8 Simplify AddSSHPublicKey() interface 2021-07-24 08:59:57 -07:00
John Gardiner Myers 9dbf3479d6 Stop writing the certificate-only keyset.yaml 2021-07-11 11:16:11 -07:00
John Gardiner Myers a33a30a859 Refactor out some legacy interfaces 2021-07-10 23:23:12 -07:00
John Gardiner Myers 584aa56b6b Retain deleted keypairs 2021-06-24 19:03:29 -07:00
John Gardiner Myers 366210d189 Remove dead code 2021-06-21 21:45:55 -07:00
John Gardiner Myers 002a1f7fd3 Remove 'kops toolbox convert-imported' 2021-06-21 07:34:29 -07:00
John Gardiner Myers 1ed3619362 Improve the output of 'kops get keypairs' 2021-06-20 15:51:09 -07:00
John Gardiner Myers e0d9259be1 Remove dead code 2021-06-19 10:50:52 -07:00
John Gardiner Myers 15319ae432 Make serialization of keyset items stable 2021-06-05 16:38:27 -07:00
John Gardiner Myers fa77f8b964 Rename fi.Keystore.StoreKeypair to StoreKeyset 2021-06-05 16:38:26 -07:00
John Gardiner Myers 2300d89591 Rename pki.FindKeypair to FindPrimaryKeypair 2021-06-05 16:38:26 -07:00
John Gardiner Myers ed1f6ff79e Refactor StoreKeypair and AddCert 2021-06-05 16:38:25 -07:00
John Gardiner Myers 0364a3af25 Refactor FindKeypair interfaces 2021-06-05 16:38:24 -07:00
John Gardiner Myers 927b321e45 Make parsed Keyset type public 2021-06-05 16:38:24 -07:00
John Gardiner Myers b21370d118 Add PrimaryId field to KeysetSpec 2021-06-05 16:00:54 -07:00
Peter Rifel 4d9f0128a3 Upgrade to klog2
This splits up the kubernetes 1.19 PR to make it easier to keep up to date until we get it sorted out.
2020-08-16 20:56:48 -05:00
ZouYu 2fc52ec6be fix some go-lint warning
Signed-off-by: ZouYu <zouy.fnst@cn.fujitsu.com>
2020-06-09 08:52:50 +08:00
John Gardiner Myers a96f7963a6 Pull cert issuance code up into fitasks.Keypair 2020-06-04 10:26:41 -07:00
John Gardiner Myers 8a6d29cd40 Remove support for reading legacy-format keypairs 2020-05-20 13:28:13 -07:00
John Gardiner Myers 649062a4c1 Remove deprecated CertificatePool method 2020-05-09 22:47:45 -07:00
John Gardiner Myers ae667a94c5 Make funcs private and remove dead code 2020-05-09 22:39:19 -07:00
Justin Santa Barbara 31bb16d4d1 Add context.Context to most signatures
The client-go signature for most methods adds a context.Context
object, and also makes Options mandatory.  Feed through a
context.Context through many of our methods (but use context.TODO to
stop it getting totally out of hand!)
2020-04-11 14:44:17 -04:00
yuxiaobo 89b5d7c25e staticcheck:modify the import package alias
Signed-off-by: yuxiaobo <yuxiaobogo@163.com>
2020-01-03 12:30:44 +08:00
Kubernetes Prow Robot 11cec04bab Merge pull request #7792 from tanjunchen/remove-some-unused-code
remove unused functions and simplify return str
2019-12-09 21:15:28 -08:00
feifei.zhang@huawei.com 48ebd260d3 fix golint failures 2019-11-24 16:38:58 +08:00
tanjunchen fa6d0130c8 remove unused functions and simplify return str 2019-10-15 23:54:10 +08:00
mikesplain 9e55b8230a Update copyright notices
Also cleans some white spaces
2019-09-09 14:47:51 -04:00
Justin SB 3e33ac7682 Change code from glog to klog
We don't call klog.InitFlags yet, because that will cause a flag
redefinition error until we get everyone to stop using glog.  That
will happen when we update to k8s 1.13.
2019-05-06 12:54:51 -04:00
Derek Lemon -T (delemon - AEROTEK INC at Cisco) 4f0169bb79 codegen 2019-01-16 09:30:40 -07:00
Justin Santa Barbara 4d1abb7d87 Define KeysetFormat type, embed into keyset
The values are 'legacy' when not using keyset.yaml, and the API version
(v1alpha2) for keyset.yaml
2018-03-12 01:45:20 -04:00
chrislovecnm c13b952cd3 Updating legacy Keyset to newer Keyset API Objects
Creating the keypair.yaml file if it does not exist.

If the Keypair is not found kops creates a new keyset file.  We are
setting the Keyset Task Format to 'Keypair', which denotes that we do
not have a keypair.yaml file.

This commit enables upgrading from kops 1.8 -> 1.9 while upgrading an
existing cluster.  Clusters built with kops 1.8 do not have the keypair
file, and these code changes allow the creation of that file.
2018-03-09 13:14:25 -07:00
Alexander Brandstedt 62ab65e8e3 implementation custom ca cert and key #2924
- implementing as new subcommand keypair to secret
- rename of LoadPEMCertificate to ParsePEMCertificate to have
  the same naming of parsing of certificate/private key bytes in
  the same package result is
    pki.ParsePEMPrivateKey(privateKeyBytes)
    pki.ParsePEMCertificate(certBytes)
2018-03-01 09:50:04 +01:00
Justin Santa Barbara ec8db8b78c Initial implementation of bundle command
The bundle command will support enrollment of a machine via SSH.
2018-01-04 18:55:28 -05:00
Justin Santa Barbara ca6268b25b Implement mirroring for API CAStore
Makes the mirror code essentially identical.
2017-12-21 21:48:43 -05:00
Justin Santa Barbara ad82cd24eb Refactor VFS CA store to reuse keyset from clientset
This ensures the two behave more similarly, but also will help us parse
a serialized keyset.
2017-12-20 00:54:47 -05:00
Justin Santa Barbara f3e68c954c Remove use of deprecated create-if-missing functions
Generally tightening up the interface to make it easier to remove list
operations.
2017-12-20 00:54:47 -05:00
Justin Santa Barbara bf74133fd4 Refactor CAStore to use API types
We now return KeySet objects
2017-12-17 20:09:00 -05:00
Justin Santa Barbara 509b83ac7a Refactor: separate out SSHCredentials from Keyset stores
We've done this in the API already, but we had a single CAStore
interface that did Keysets and SSHCredentials.  Separate out
SSHCredentials into SSHCredentialStore, and start using API objects as
our primary representation.
2017-12-13 20:16:59 -05:00
Justin Santa Barbara e3c7f03aaa Avoid generating a CA keypair on-demand
Instead we must explicitly create it; this avoids races where we are
reading the private key and creating CA certs.

Issue #3875
2017-11-25 23:12:55 -05:00
Justin Santa Barbara b2bcba4a6d GCE: Use object-level permissions for files in GCS
This lets us configure cross-project permissions while ourselves needing
minimal permissions, but also gives us a nice hook for future lockdown
of object-level permissions.
2017-10-29 19:17:00 -04:00
Justin Santa Barbara a879521ba3 Initial aggregation support
Create the keypairs, which are supposed to be signed by a different CA.

Set the `--requestheader-...` flags on apiserver.

Fix #3152
Fix #2691
2017-10-22 14:41:38 -04:00
Justin Santa Barbara a4a58d277d Mirroring - Fixes from code review 2017-09-30 22:05:14 -04:00